[Freeipa-users] Multiple Reverse (PTR) Zone
Petr Spacek
pspacek at redhat.com
Thu Oct 29 12:03:36 UTC 2015
On 29.10.2015 11:33, Yogesh Sharma wrote:
> Hi,
>
> We are working on creating another DC and extending our existing FreeIPA.
>
> Our current environment has subnet as 172.16.32.0/16. In another DC we have
> 10.242.96.0/20.
>
> On FreeIPA master I have created a PTR Zone with 242.10.in-addr.arpa. ,
> However, on registering the DC2 Client with FreeIPA Master it says
> "Hostname not found in DNS"

This message tells you that "hostname" (i.e. what you see in the output of the
command "hostname") does not have an A/AAAA record in DNS. It has nothing to do
with PTR records.

Message "Failed to update DNS records." is usually caused by misconfigured DNS
zones.

Please see
https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/SyncPTR
for advice on how to configure DNS zones to accept dynamic updates.

I hope this helps.

Petr^2 Spacek

> Our Domain is same across DC, the only change is Subnet.
>
> Forward Zone is working fine.
>
>
> Below are Registration Logs:
>
> [root@dr-ipadns-1002 ~]# ipa-client-install --mkhomedir --no-ntp
> Discovery was successful!
> Hostname: dr-ipadns-1002.klikpay.int
> Realm: KLIKPAY.INT
> DNS Domain: klikpay.int
> IPA Server: ipa-inf-prd-ng2-02.klikpay.int
> BaseDN: dc=klikpay,dc=int
>
> Continue to configure the system with these values? [no]: yes
> User authorized to enroll computers: admin
> Synchronizing time with KDC...
> Password for admin@KLIKPAY.INT:
> Successfully retrieved CA cert
> Subject: CN=Certificate Authority,O=KLIKPAY.INT
> Issuer: CN=Certificate Authority,O=KLIKPAY.INT
> Valid From: Fri Aug 14 11:39:47 2015 UTC
> Valid Until: Tue Aug 14 11:39:47 2035 UTC
>
> Enrolled in IPA realm KLIKPAY.INT
> Attempting to get host TGT...
> Created /etc/ipa/default.conf
> New SSSD config will be created
> Configured sudoers in /etc/nsswitch.conf
> Configured /etc/sssd/sssd.conf
> Configured /etc/krb5.conf for IPA realm KLIKPAY.INT
> trying https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml
> Forwarding 'env' to server u'https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml'
> *Hostname (dr-ipadns-1002.klikpay.int) not found in DNS*
> Failed to update DNS records.
> Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
> Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
> Forwarding 'host_mod' to server u'https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml'
> SSSD enabled
> Configuring klikpay.int as NIS domain
> Configured /etc/openldap/ldap.conf
> Configured /etc/ssh/ssh_config
> Configured /etc/ssh/sshd_config
> Client configuration complete.
>
> [root@dr-ipadns-1002 ~]# ip r
> 10.242.96.0/20 dev eth0 proto kernel scope link src 10.242.96.3
> 169.254.0.0/16 dev eth0 scope link metric 1002
> default via 10.242.96.1 dev eth0
> [root@dr-ipadns-1002 ~]#
>
>
> From IPA:
>
> [root@ipa-inf-prd-ng2-01 ~]# ipa dnszone-show 242.10.in-addr.arpa
> Zone name: 242.10.in-addr.arpa.
> Active zone: TRUE
> Authoritative nameserver: ipa-inf-prd-ng2-01.klikpay.int.
> Administrator e-mail address: hostmaster
> SOA serial: 1446111284
> SOA refresh: 3600
> SOA retry: 900
> SOA expire: 1209600
> SOA minimum: 3600
> Allow query: any;
> Allow transfer: none;
> [root@ipa-inf-prd-ng2-01 ~]#
>
>
>
> Please suggest what I am missing.
--
Petr^2 Spacek
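
Added example (not part of the original thread and not FreeIPA code): an offline Python check that treats the forward A/AAAA lookup and the reverse zone coverage as two separate questions, which is the distinction made in the reply above. The function names, the `16.172.in-addr.arpa.` zone and the server address `172.16.32.10` are constructed assumptions; the hostnames, the client address and the `242.10.in-addr.arpa.` zone are taken from the logs in the thread.

```python
import ipaddress

def ptr_owner(ip):
    """Absolute owner name of the PTR record for an IPv4/IPv6 address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def covering_zone(name, zones):
    """Most specific zone whose labels are a suffix of name, else None."""
    labels = name.rstrip(".").lower().split(".")
    best = None
    for zone in zones:
        zl = zone.rstrip(".").lower().split(".")
        if labels[-len(zl):] == zl and (best is None or len(zl) > len(best[0])):
            best = (zl, zone)
    return best[1] if best else None

def diagnose(hostname, ip, forward, zones):
    """Check the forward and reverse sides independently of each other."""
    fqdn = hostname.rstrip(".").lower() + "."
    addrs = forward.get(fqdn, set())
    ptr = ptr_owner(ip)
    return {
        "forward_zone": covering_zone(fqdn, zones),
        # False here corresponds to "Hostname ... not found in DNS"
        "has_address_record": bool(addrs),
        "address_matches": ip in addrs,
        "ptr_owner": ptr,
        # None here would mean no configured zone can hold the PTR record
        "reverse_zone": covering_zone(ptr, zones),
    }

# Constructed sample data: zones on the IPA server and a snapshot of the
# forward zone in which the new client has no A record yet.
ZONES = ["klikpay.int.", "16.172.in-addr.arpa.", "242.10.in-addr.arpa."]
FORWARD = {"ipa-inf-prd-ng2-02.klikpay.int.": {"172.16.32.10"}}

if __name__ == "__main__":
    host, ip = "dr-ipadns-1002.klikpay.int", "10.242.96.3"
    print(diagnose(host, ip, FORWARD, ZONES))
    # Same check once the forward zone holds an A record for the client.
    fixed = dict(FORWARD, **{host + ".": {ip}})
    print(diagnose(host, ip, fixed, ZONES))
```

With the sample data the reverse zone already covers the client's PTR name, while the forward side is the one reporting a missing record.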