[Freeipa-users] named and IpA
Petr Spacek
pspacek at redhat.com
Fri Oct 3 08:26:23 UTC 2014
On 2.10.2014 19:05, Licause, Al (CSC AMS BCS - UNIX/Linux Network Support) wrote:
> We have IdM running on a RHEL V7 system and have configured a local DNS server
> in our test lab.
>
> We have loaded the various SRV and TXT records needed by the IdM server.
>
>
> PROBLEM:
>
> From the IdM server we can only lookup local records. The name resolver will not
> attempt to look to any other name servers or domains defined in /etc/resolv.conf
>
> If I shutdown IdM using ipactl stop and then restart named, the name resolver works
> for local and remote hosts, addresses and domains as well as serving up the SRV records
> defined on the local host.
>
> Am I correct in assuming that while IdM is up and running, the only other systems it
> will communicate with at least with regard to name services is another host also
> running IdM defined either as a server or a client ?
>
> If this is the case, is there any way to better integrate some of these common services such
> as named into an existing network such that you are not limited by the IdM components ?
I would like to get additional information about your environment:
- Is the IPA server installed with DNS or not? Did you use option
--setup-dns during ipa-server-install?
- Which DNS zones do you have defined on IPA server? You can use command "ipa
dnszone-find" to list all zones.
- Are there any other DNS servers serving the same DNS zones?
- Did you configure forwarders in /etc/named.conf or via ipa command line
tools (ipa dnsconfig-mod or --forwarder option during ipa-server-install)?
- Please attach result of DNS lookups using "dig" command: One output when it
doesn't work (i.e. with IPA running) and the other when it works as you expect
(i.e. after "ipactl stop" and "service named restart").
Thank you.
--
Petr^2 Spacek