[Freeipa-users] DNS updates from dhcpd refused
Dmitri Pal
dpal at redhat.com
Tue Jan 13 17:55:27 UTC 2015
On 01/13/2015 12:35 PM, Mike wrote:
>
> Just a note to anyone else who may be interested. This may be obvious
> but it wasn't to me at first, The "ipa dnszone-mod ...
> --update-policy=..." command wipes out the existing BIND update
> policy. So what would seem to me to be the correct procedure is to do
> "ipa dnszone-show --all" first to get the existing policy. Then append
> the new policy to the existing. This is what ultimatley worked for me
> (all one line).
>
> ipa dnszone-mod inside.lan --update-policy="grant INSIDE.LAN krb5-self
> * A; grant INSIDE.LAN krb5-self * AAAA; grant INSIDE.LAN krb5-self *
> SSHFP; grant dhcpupdate zonesub A; grant dhcpupdate zonesub TXT; grant
> dhcpupdate zonesub PTR;"
>
>
>
>
Would you mind contributing a howto solution to FreeIPA site?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
More information about the Freeipa-users
mailing list