[Freeipa-users] Force IPA client Reverse Zone Dynamic Updates

Sina Owolabi notify.sina at gmail.com
Tue Jul 14 14:52:57 UTC 2015 

I restarted network services on the host, then I restarted sssd again.
The record appeared!

On Tue, Jul 14, 2015 at 3:50 PM, Sina Owolabi <notify.sina at gmail.com> wrote:
> I removed the A record and restarted SSSD.
> The DNS record did not update.
>
> On Tue, Jul 14, 2015 at 2:20 PM, Martin Basti <mbasti at redhat.com> wrote:
>> On 13/07/15 19:58, Sina Owolabi wrote:
>>>
>>> Hi Martin
>>>
>>> Yes all my sssd configs are set ipa_dyndns_update = True
>>> I didn't have --allow-sync-ptr=TRUE in all the forward zones so I set
>>> them.
>>> I've tried to set it in the very first zone (setup during
>>> installation) but dnszone-mod complains:
>>>
>>> # ipa dnszone-mod mydom.com --allow-sync-ptr=TRUE --dynamic-update=TRUE
>>> ipa: ERROR: no modifications to be performed
>>>
>>> But I don't see it in the show command:
>>>
>>>   ipa dnszone-show mydom.com
>>>    Zone name: mydom.com.
>>>    Active zone: TRUE
>>>    Authoritative nameserver: services.mydom.com.
>>>    Administrator e-mail address: hostmaster.mydom.com.
>>>    SOA serial: 1436799166
>>>    SOA refresh: 3600
>>>    SOA retry: 900
>>>    SOA expire: 1209600
>>>    SOA minimum: 3600
>>>    Allow query: any;
>>>    Allow transfer: none;
>>>
>>> On Mon, Jul 13, 2015 at 11:20 AM, Martin Basti <mbasti at redhat.com> wrote:
>>>>
>>>> On 12/07/15 10:05, Sina Owolabi wrote:
>>>>>
>>>>> Hi
>>>>>
>>>>> I have several dns zones defined in IPA. I noticed recently that the
>>>>> zone files are empty. I find this odd because I created them like the
>>>>> example below.
>>>>> Is it possible to force clients to auto-update reverse zones?
>>>>>
>>>>> Thanks in advance!
>>>>>
>>>>> How I created all the zones:
>>>>>
>>>>>    ipa dnszone-add 0.14.10.in-addr.arpa. --minimum=3000
>>>>> --allow-sync-ptr=TRUE --dynamic-update
>>>>>     Zone name: 0.14.10.in-addr.arpa.
>>>>>     Active zone: TRUE
>>>>>     Authoritative nameserver: services.ourdomain.com.
>>>>>     Administrator e-mail address: hostmaster
>>>>>     SOA serial: 1436688202
>>>>>     SOA refresh: 3600
>>>>>     SOA retry: 900
>>>>>     SOA expire: 1209600
>>>>>     SOA minimum: 3000
>>>>>     BIND update policy: grant QRIOS.COM krb5-subdomain
>>>>> 0.14.10.in-addr.arpa. PTR;
>>>>>     Dynamic update: TRUE
>>>>>     Allow query: any;
>>>>>     Allow transfer: none;
>>>>>     Allow PTR sync: TRUE
>>>>>
>>>> Hello,
>>>>
>>>> do you have --allow-sync-ptr=True configured in zones where the
>>>> particular
>>>> A/AAAA records are?
>>>>
>>>> SSSD is able to update records.
>>>> Please check if "dyndns_update" is set to true in sssd.conf. (man
>>>> sssd-ipa)
>>>>
>>>> --
>>>> Martin Basti
>>>>
>>
>> Can you try to restart SSSD, or to remove the A record and then restart SSSD
>> on the particular host?
>>
>> --
>> Martin Basti
>>

More information about the Freeipa-users mailing list