[Freeipa-users] Force IPA client Reverse Zone Dynamic Updates
Sina Owolabi
notify.sina at gmail.com
Tue Jul 14 14:50:58 UTC 2015
I removed the A record and restarted SSSD.
The DNS record did not update.
On Tue, Jul 14, 2015 at 2:20 PM, Martin Basti <mbasti at redhat.com> wrote:
> On 13/07/15 19:58, Sina Owolabi wrote:
>>
>> Hi Martin
>>
>> Yes all my sssd configs are set ipa_dyndns_update = True
>> I didn't have --allow-sync-ptr=TRUE in all the forward zones so I set
>> them.
>> I've tried to set it in the very first zone (setup during
>> installation) but dnszone-mod complains:
>>
>> # ipa dnszone-mod mydom.com --allow-sync-ptr=TRUE --dynamic-update=TRUE
>> ipa: ERROR: no modifications to be performed
>>
>> But I don't see it in the show command:
>>
>> ipa dnszone-show mydom.com
>> Zone name: mydom.com.
>> Active zone: TRUE
>> Authoritative nameserver: services.mydom.com.
>> Administrator e-mail address: hostmaster.mydom.com.
>> SOA serial: 1436799166
>> SOA refresh: 3600
>> SOA retry: 900
>> SOA expire: 1209600
>> SOA minimum: 3600
>> Allow query: any;
>> Allow transfer: none;
>>
>> On Mon, Jul 13, 2015 at 11:20 AM, Martin Basti <mbasti at redhat.com> wrote:
>>>
>>> On 12/07/15 10:05, Sina Owolabi wrote:
>>>>
>>>> Hi
>>>>
>>>> I have several dns zones defined in IPA. I noticed recently that the
>>>> zone files are empty. I find this odd because I created them like the
>>>> example below.
>>>> Is it possible to force clients to auto-update reverse zones?
>>>>
>>>> Thanks in advance!
>>>>
>>>> How I created all the zones:
>>>>
>>>> ipa dnszone-add 0.14.10.in-addr.arpa. --minimum=3000
>>>> --allow-sync-ptr=TRUE --dynamic-update
>>>> Zone name: 0.14.10.in-addr.arpa.
>>>> Active zone: TRUE
>>>> Authoritative nameserver: services.ourdomain.com.
>>>> Administrator e-mail address: hostmaster
>>>> SOA serial: 1436688202
>>>> SOA refresh: 3600
>>>> SOA retry: 900
>>>> SOA expire: 1209600
>>>> SOA minimum: 3000
>>>> BIND update policy: grant QRIOS.COM krb5-subdomain
>>>> 0.14.10.in-addr.arpa. PTR;
>>>> Dynamic update: TRUE
>>>> Allow query: any;
>>>> Allow transfer: none;
>>>> Allow PTR sync: TRUE
>>>>
>>> Hello,
>>>
>>> do you have --allow-sync-ptr=True configured in zones where the
>>> particular
>>> A/AAAA records are?
>>>
>>> SSSD is able to update records.
>>> Please check if "dyndns_update" is set to true in sssd.conf. (man
>>> sssd-ipa)
>>>
>>> --
>>> Martin Basti
>>>
>
> Can you try to restart SSSD, or to remove the A record and then restart SSSD
> on the particular host?
>
> --
> Martin Basti
>
More information about the Freeipa-users
mailing list