[Freeipa-users] Dynamic DNS

Guy Matz gmatz at collective.com
Tue Apr 30 16:08:01 UTC 2013


Hi! Has anyone out there gotten Dynamic DNS working on a freeipa-managed DNS server?
I've been trying for days following instructions from various freeipa
and redhat docs! I've set up keytabs, set up /etc/rndc.key, set
Dynamic update to True and put the following in my BIND update policy:
grant host\047foreman.collmedia.net@COLLMEDIA.NET wildcard * ANY;
grant host\047ipadevmstr.collmedia.net@COLLMEDIA.NET wildcard * ANY;

I keep getting:

# nsupdate -g a_update
update failed: REFUSED
update failed: REFUSED
[root@ipadevmstr ~]# cat a_update
server ipadevmstr.collmedia.net
zone collmedia.net.
update add client.collmedia.net.                86400 IN      A       192.168.8.120
send
update delete client.collmedia.net. IN      A
send

tail /var/log/messages
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#26141: query: collmedia.net IN SOA - (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#37600: query: 692300375.sig-ipadevmstr.collmedia.net ANY TKEY -T (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#52609: updating zone 'collmedia.net/IN': update failed: rejected by secure update (REFUSED)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#26141: query: collmedia.net IN SOA - (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#40423: query: 718499086.sig-ipadevmstr.collmedia.net ANY TKEY -T (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#37000: updating zone 'collmedia.net/IN': update failed: rejected by secure update (REFUSED)

Any help would be GREATLY appreciated . . .

Thanks a lot,
Guy
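
Added example (not part of the original message, and not FreeIPA or BIND code): a small triage script that reads named syslog lines in the format quoted above and reports, per client and zone, how many dynamic updates were refused by the update policy and whether that client had also sent a TKEY query. The function name refused_updates is hypothetical, and the sample input is the log from the message with each event on one line.

```python
import re
from collections import defaultdict

# Constructed sample: the named log lines quoted in the message, one event per line.
SAMPLE_LOG = """\
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#26141: query: collmedia.net IN SOA - (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#37600: query: 692300375.sig-ipadevmstr.collmedia.net ANY TKEY -T (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#52609: updating zone 'collmedia.net/IN': update failed: rejected by secure update (REFUSED)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#26141: query: collmedia.net IN SOA - (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#40423: query: 718499086.sig-ipadevmstr.collmedia.net ANY TKEY -T (192.168.8.111)
Apr 30 11:52:32 ipadevmstr named[9349]: client 192.168.8.111#37000: updating zone 'collmedia.net/IN': update failed: rejected by secure update (REFUSED)
"""

# syslog prefix + "client <ip>#<port>: <message>", as shown in the message.
LINE = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\snamed\[\d+\]:\s"
    r"client\s(?P<ip>[\d.a-fA-F:]+)#(?P<port>\d+):\s(?P<msg>.*)$")
# A TKEY query is the client's GSS-TSIG key negotiation attempt.
TKEY = re.compile(r"^query:\s(?P<qname>\S+)\s\S+\sTKEY\s")
# The update reached the zone but the update policy denied it.
REFUSED = re.compile(
    r"^updating zone '(?P<zone>[^/']+)/\w+': update failed: "
    r"rejected by secure update \(REFUSED\)")


def refused_updates(log_text):
    """Return {(client_ip, zone): {"refused": n, "tkey_seen": bool}}."""
    tkey_clients = set()
    summary = defaultdict(lambda: {"refused": 0, "tkey_seen": False})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a named client line in this format
        ip, msg = m["ip"], m["msg"]
        if TKEY.match(msg):
            tkey_clients.add(ip)
        elif (r := REFUSED.match(msg)):
            entry = summary[(ip, r["zone"])]
            entry["refused"] += 1
            # True only if a TKEY query from this client was logged earlier;
            # it shows an attempt at negotiation, not that it succeeded.
            entry["tkey_seen"] |= ip in tkey_clients
    return dict(summary)


if __name__ == "__main__":
    for (ip, zone), info in refused_updates(SAMPLE_LOG).items():
        print(f"{ip} zone={zone} refused={info['refused']} tkey_seen={info['tkey_seen']}")
```
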



