[Freeipa-users] FreeIPA + /etc/named.conf

Martin Basti mbasti at redhat.com
Thu Jan 5 19:17:40 UTC 2017



On 05.01.2017 20:03, TomK wrote:
> Hey All,
>
> QQ.
>
> Should the DNS forwarders be updated in /etc/named.conf?  Until I 
> manually change /etc/named.conf, can't ping the windows AD cluster: 
> mds.xyz.  Nor can I get dig to resolve the SRV records (dig SRV 
> _ldap._tcp.mds.xyz).
>
> sssd-ipa-1.14.0-43.el7_3.4.x86_64
> ipa-client-4.4.0-14.el7.centos.x86_64
>
> IPA command below indicates that it's set to 'first' but that's not 
> what's in /etc/named.conf file when I check.  Again, it works if I 
> change /etc/named.conf manually.
>

Forwarder settings have priority:

named.conf < global forwarders (ipa dnsconfig-mod) < local dns server 
config (ipa dnsserver-*) < forwardzones (applied per query, not as 
global forwarder)

So what is in named.conf is usually always overwritten.


How did you edit the named.conf?

Does dig @192.168.0.224 SRV _ldap._tcp.mds.xyz. work?
Do you have any errors in journalctl -u named-pkcs11?

Martin



