[Freeipa-users] SRV (mixed?) records
lejeczek
peljasz at yahoo.co.uk
Thu Nov 10 11:08:05 UTC 2016
On 10/11/16 10:44, Petr Spacek wrote:
> This is non-standard situation so it asks for non-standard commands.
>
> I would try:
> $ ipa privilege-mod 'DNS Servers'
> --addattr=member=krbprincipalname=DNS/rider..xx.xx..xx.xx.x at .xx.xx..xx.xx.x,cn=services,cn=xxcounts,dc=,dc=xx,dc=xx,dc=,dc=xx,dc=xx,dc=x'
> $ ipa privilege-mod 'DNS Servers'
> --addattr=member=krbprincipalname=ipa-dnskeysyncd/rider..xx.xx..xx.xx.x at .xx.xx..xx.xx.x,cn=services,cn=xxcounts,dc=,dc=xx,dc=xx,dc=,dc=xx,dc=xx,dc=x'
>
> Be very careful when constructing these DNs, --addattr do not validate the input!
well, I realize these can be trivial trifles, but man, you
saved the... week!
And to finish (hopefully) - maybe even more of a puzzle: how
it happened?
This box member was fine, suddenly (I was
recovering/reconnecting replication agreements), maybe not
suddenly, but when I noticed at some point, it did that. It
lost those ldap bits?
many! thanks
L.
More information about the Freeipa-users
mailing list