[Freeipa-users] Force IPA client Reverse Zone Dynamic Updates

Martin Basti mbasti at redhat.com
Mon Jul 13 10:20:05 UTC 2015


On 12/07/15 10:05, Sina Owolabi wrote:
> Hi
>
> I have several dns zones defined in IPA. I noticed recently that the
> zone files are empty. I find this odd because I created them like the
> example below.
> Is it possible to force clients to auto-update reverse zones?
>
> Thanks in advance!
>
> How I created all the zones:
>
>   ipa dnszone-add 0.14.10.in-addr.arpa. --minimum=3000 --allow-sync-ptr=TRUE --dynamic-update
>    Zone name: 0.14.10.in-addr.arpa.
>    Active zone: TRUE
>    Authoritative nameserver: services.ourdomain.com.
>    Administrator e-mail address: hostmaster
>    SOA serial: 1436688202
>    SOA refresh: 3600
>    SOA retry: 900
>    SOA expire: 1209600
>    SOA minimum: 3000
>    BIND update policy: grant QRIOS.COM krb5-subdomain 0.14.10.in-addr.arpa. PTR;
>    Dynamic update: TRUE
>    Allow query: any;
>    Allow transfer: none;
>    Allow PTR sync: TRUE
>
Hello,

Do you have --allow-sync-ptr=True configured in the zones where the
particular A/AAAA records are?

SSSD is able to update records.
Please check if "dyndns_update" is set to true in sssd.conf. (man sssd-ipa)

-- 
Martin Basti
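
The sssd.conf check suggested in the reply above, as an added example (not part of the original message and not FreeIPA or SSSD code): a small audit that reads an sssd.conf and reports the dynamic DNS settings of every IPA-backed domain. The sample file and its domain names are constructed; dyndns_update_ptr is an sssd-ipa option that the thread does not mention, and treating an unset dyndns_update as disabled is an assumption of this example.

```python
import configparser

# Constructed sample sssd.conf (not from the thread); domain names are placeholders.
SAMPLE_SSSD_CONF = """\
[sssd]
services = nss, pam
domains = example.test, legacy.test

[domain/example.test]
id_provider = ipa
ipa_server = ipa1.example.test
dyndns_update = True
dyndns_update_ptr = true

[domain/legacy.test]
id_provider = ipa
ipa_server = ipa1.legacy.test

[domain/files.test]
id_provider = ldap
dyndns_update = true
"""

def _as_bool(value):
    """Return True/False for an explicit boolean string, None when unset."""
    if value is None:
        return None
    return value.strip().lower() == "true"

def audit_dyndns(conf_text):
    """Map each IPA-backed domain to its dynamic DNS settings."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(conf_text)
    report = {}
    for section in parser.sections():
        if not section.startswith("domain/"):
            continue  # only [domain/NAME] sections carry provider options
        if parser.get(section, "id_provider", fallback="").strip().lower() != "ipa":
            continue  # the dyndns options checked here are read for IPA domains only
        update = _as_bool(parser.get(section, "dyndns_update", fallback=None))
        ptr = _as_bool(parser.get(section, "dyndns_update_ptr", fallback=None))
        report[section[len("domain/"):]] = {
            "dyndns_update": bool(update),  # assumption: unset counts as disabled
            "dyndns_update_ptr": ptr,       # None means not set in the file
        }
    return report

if __name__ == "__main__":
    for domain, cfg in audit_dyndns(SAMPLE_SSSD_CONF).items():
        print(domain, cfg)
```

On a client, pass the contents of /etc/sssd/sssd.conf to audit_dyndns() instead of the sample; the file is readable by root only.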