[Freeipa-users] nsupdate refused
Guy Matz
gmatz at collective.com
Sat Apr 27 14:35:07 UTC 2013
Hi! Anyone out there know how to get nsupdate to work with an IPA
controlled DNS server? I have followed the instructions at
http://freeipa.org/page/Dynamic_updates_with_GSS-TSIG in an attempt to
get a single machine to be able to perform any update, and have this as
one of the entries in my "bind update policy":
grant SERVICE\047foreman.collmedia.net at COLLMEDIA.NET wildcard * ANY;
and dynamic update is set to true, but still I get this in
/var/log/messages on my IPA server when attempting an update from the
foreman server in the grant statement above:
ipadevmstr named[27956]: client 192.168.8.113#60749: updating zone
'collmedia.net/IN': update failed: rejected by secure update (REFUSED)
Any help is greatly appreciated!
Thanks,
Guy
More information about the Freeipa-users
mailing list