[Freeipa-users] DNS reverse Zones on other server

Petr Spacek pspacek at redhat.com
Mon May 2 06:44:58 UTC 2016

On 29.4.2016 17:46, Wanka, Silvio wrote:
> Hi,
> if I search the web for this problem I don’t find a usable solution, maybe my search pattern is wrong. ;-)
> I have set up an IPA domain with integrated DNS, but because most systems here are Windows servers and clients, the IPA clients must use the same IP ranges. So the reverse zones are located on AD domain controllers. These reverse zones are of course configured as forward zones on the IPA DNS server. So reverse lookup works properly for all AD computers, but I miss a possibility that if we join a computer to IPA which adds a DNS record or manually add a DNS record that the reverse record will be automatically added on AD site as it would be done if the reverse zone would be located on IPA site.
> Is there the only possibility to manage the reverse record on AD site manually or update/refresh it per regular running script?
> I have a one-way trust to AD but won’t change it to two-way, if necessary and possible I would use a special AD account for that.

I can see two options:
- configure DHCP server to somehow update the DNS server (to avoid
authentication of client machines to the DNS server for updates)

- use two-way trust - you already denied this option

Sorry, we do not have a better answer for you right now.

Petr^2 Spacek
