[Freeipa-users] 3.0 beta1 install on Fedora 17 - No DNS Zones
Michael Mercier
mmercier at gmail.com
Thu Jul 26 13:34:58 UTC 2012
Hello,
Hmm... please ignore this...
A reboot of the ipaserver seems to have resolved the issue.
Thanks,
Mike
On 2012-07-26, at 9:28 AM, Rob Crittenden wrote:
> Michael Mercier wrote:
>> Hello,
>>
>> I have installed FreeIPA 3.0 beta 1 on Fedora 17, and added a Fedora 17 client.
>>
>> I do not have anything under the Identity -> DNS tab (i.e. no DNS zones)
>>
>> I did the following when installing:
>>
>>
>> On the server:
>> [root@ipaserver ~]# ipa-server-install
>> -- oops forgot to include DNS
>> [root@ipaserver ~]# ipa-server-install --uninstall -U
>> [root@ipaserver ~]# ipa-server-install --setup-dns --no-forwarders
>> -- at some point the installer prompted with a message that a named.conf already existed, overwrite?
>> -- I chose yes
>> [root@ipaserver ~]# cd /var/named/
>> [root@ipaserver named]# ls
>> data dynamic named.ca named.empty named.localhost named.loopback slaves
>> [root@ipaserver named]# find .
>> .
>> ./named.loopback
>> ./named.empty
>> ./slaves
>> ./named.localhost
>> ./data
>> ./data/named.run
>> ./dynamic
>> ./named.ca
>> [root@ipaserver named]# cat /etc/named.conf
>> options {
>> // turns on IPv6 for port 53, IPv4 is on by default for all ifaces
>> listen-on-v6 {any;};
>>
>> // Put files that named is allowed to write in the data/ directory:
>> directory "/var/named"; // the default
>> dump-file "data/cache_dump.db";
>> statistics-file "data/named_stats.txt";
>> memstatistics-file "data/named_mem_stats.txt";
>>
>> forward first;
>> forwarders { };
>>
>> // Any host is permitted to issue recursive queries
>> allow-recursion { any; };
>>
>> tkey-gssapi-credential "DNS/ipaserver.beta.local";
>> tkey-domain "BETA.LOCAL";
>> };
>>
>> /* If you want to enable debugging, eg. using the 'rndc trace' command,
>> * By default, SELinux policy does not allow named to modify the /var/named directory,
>> * so put the default debug log file in data/ :
>> */
>> logging {
>> channel default_debug {
>> file "data/named.run";
>> severity dynamic;
>> };
>> };
>>
>> zone "." IN {
>> type hint;
>> file "named.ca";
>> };
>>
>> include "/etc/named.rfc1912.zones";
>>
>> dynamic-db "ipa" {
>> library "ldap.so";
>> arg "uri ldapi://%2fvar%2frun%2fslapd-BETA-LOCAL.socket";
>> arg "base cn=dns, dc=beta,dc=local";
>> arg "fake_mname ipaserver.beta.local.";
>> arg "auth_method sasl";
>> arg "sasl_mech GSSAPI";
>> arg "sasl_user DNS/ipaserver.beta.local";
>> arg "zone_refresh 0";
>> arg "psearch yes";
>> };
>>
>> [root@ipaserver ~]# ifconfig eth0
>> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.16.112.10 netmask 255.255.255.0 broadcast 172.16.112.255
>> inet6 fe80::20c:29ff:fe56:53bd prefixlen 64 scopeid 0x20<link>
>> ether 00:0c:29:56:53:bd txqueuelen 1000 (Ethernet)
>> RX packets 33531 bytes 24153141 (23.0 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 30428 bytes 17489346 (16.6 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>>
>> On the client:
>> [root@ipaclient ~]# ipa-client-install --enable-dns-updates
>> [root@ipaclient ~]# ifconfig eth0
>> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>> inet 172.16.112.11 netmask 255.255.255.0 broadcast 172.16.112.255
>> inet6 fe80::20c:29ff:fed4:9724 prefixlen 64 scopeid 0x20<link>
>> ether 00:0c:29:d4:97:24 txqueuelen 1000 (Ethernet)
>> RX packets 23591 bytes 24965586 (23.8 MiB)
>> RX errors 0 dropped 0 overruns 0 frame 0
>> TX packets 12756 bytes 1274305 (1.2 MiB)
>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
>>
>> [root@ipaclient ~]# nslookup ipaclient
>> Server: 172.16.112.10
>> Address: 172.16.112.10#53
>>
>> Name: ipaclient.beta.local
>> Address: 172.16.112.11
>>
>> [root@ipaclient ~]# nslookup ipaserver
>> Server: 172.16.112.10
>> Address: 172.16.112.10#53
>>
>> Name: ipaserver.beta.local
>> Address: 172.16.112.10
>> [root@ipaclient ~]# ipa dnszone-show beta.local
>> ipa: ERROR: beta.local: DNS zone not found
>> [root@ipaclient ~]# ipa dns-resolve ipaserver.beta.local
>> -----------------------------
>> Found 'ipaserver.beta.local.'
>> -----------------------------
>> [root@ipaclient ~]# ipa dnsconfig-show
>> ---------------------------------
>> Global DNS configuration is empty
>> ---------------------------------
>>
>> Any pointers?
>>
>> Thanks,
>> Mike
>
> I'd be curious what ipa dnszone-find returns.
>
> rob