[Freeipa-users] IPA, Named and DHCP

Petr Spacek pspacek at redhat.com
Mon Sep 9 11:36:20 UTC 2013


On 7.9.2013 18:36, Simo Sorce wrote:
> On Fri, 2013-09-06 at 20:12 -0400, bwellsnc wrote:
>> Hello.    I am working on implementing several new things at my
>> company, IPA, a new DHCP server, and a new named server.  The problem
>> is that I am running an infrastructure with Windows, Linux, and Mac.
>>   This means that DNS entries cannot be kept up to date using the
>> windows/mac side because they are not part of IPA.  The current
>> DHCP/Named instance I am replacing does named updates from DHCP.  I am
>> wondering, can the named instance used by IPA be updated using DHCP.
>>   The ideal situation would be for DHCP to be allowed to automatically
>> make additions to IPA's DNS server, even if there is no entry for that
>> host.  Can something like this be implemented with ipa:
>>
>>
>> http://edmann.com/Computers-Technology/2008/01/08/ISC-DHCP-and-Ldap-Backend
>>
> The LDAP backend for ISC DHCP is used to store dhcp data, but wouldn't
> be very useful for your purpose.
>
> If you can run a script from the DHCP server when a machine registers,
> then what you can do is to create a user/service allowed to modify DNS
> entries (adding a named ACI to the relative zone) and then simply use
> the script to call 'nsupdate' and issue GSS-TSIG signed dns update
> requests.

Simo is right. Please see:
- man dhcpd.conf, particularly section 'EVENTS' and options ddns-*, 
do-forward-updates and client-updates.

- http://www.freeipa.org/page/Dynamic_updates_with_GSS-TSIG, particularly 
section about update-policies

Don't hesitate to ask again if you find something unclear or any misleading 
information.

-- 
Petr^2 Spacek
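
The approach described in this thread (a script run by the DHCP server that sends GSS-TSIG signed updates with `nsupdate`), as an added example that is not part of the original messages. The zone, server, keytab path, principal and the `commit <hostname> <ip>` calling convention are hypothetical; it covers only the forward A record and treats the client-supplied host name as untrusted input.

```shell
#!/bin/sh
# Added example: hypothetical DHCP event hook; every name below is an assumption.
ZONE="example.test"                    # assumed forward zone served by IPA
SERVER="ipa.example.test"              # assumed IPA DNS server
KEYTAB="/etc/dhcp/ddns.keytab"         # assumed keytab of the update principal
PRINCIPAL="DHCP/dhcp.example.test"     # assumed principal granted by the zone's update policy
TTL=300

# Accept a single DNS label only. The host name is chosen by the DHCP client,
# so spaces, dots or newlines must never reach the nsupdate batch.
valid_label() {
    case "$1" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Accept dotted-quad IPv4 with four octets in 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Print the nsupdate batch that replaces the A record of <label> in $ZONE.
build_update() {
    valid_label "$1" && valid_ipv4 "$2" || return 1
    printf 'server %s\nzone %s\n' "$SERVER" "$ZONE"
    printf 'update delete %s.%s. A\n' "$1" "$ZONE"
    printf 'update add %s.%s. %s A %s\n' "$1" "$ZONE" "$TTL" "$2"
    printf 'send\n'
}

# Entry point when called as: <script> commit <hostname> <ip>
if [ "${1:-}" = "commit" ]; then
    batch=$(build_update "$2" "$3") || { echo "rejected: $2 $3" >&2; exit 1; }
    kinit -k -t "$KEYTAB" "$PRINCIPAL" || exit 1   # obtain a ticket from the keytab
    printf '%s\n' "$batch" | nsupdate -g           # -g selects GSS-TSIG signing
fi
```

The update policy on the zone should grant the script's principal only the record types it needs, so that a compromised DHCP server cannot rewrite other records.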



