Cloned Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=766075
The --allow-dynupdate option for dnszone-mod does not take any parameter, so if the option is not specified it will be considered as changing it to FALSE, which might not be the intention. This problem affects both CLI and UI.
In the following example the dynamic update is initially TRUE (not shown):
# ipa dnszone-show example.com Zone name: example.com Authoritative nameserver: ns.example.com. Administrator e-mail address: root.example.com. SOA serial: 2011311001 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 Active zone: TRUE
The following command intends to change the SOA retry only, but the dynamic update is changed to FALSE.
# ipa dnszone-mod example.com --retry=600 Zone name: example.com Authoritative nameserver: ns.example.com. Administrator e-mail address: root.example.com. SOA serial: 2011311001 SOA refresh: 3600 SOA retry: 600 SOA expire: 1209600 SOA minimum: 3600 Active zone: TRUE Dynamic update: FALSE
One solution is to change the --allow-dynupdate option to take a boolean value.
Filed doc bug for now https://bugzilla.redhat.com/show_bug.cgi?id=750604
master:[[BR]] b5c049a[[BR]] 843c078
This seems to break other flags, see random of host. The value is getting set to the string u'TRUE' or u'FALSE' so option.get('random', False) doesn't do the right thing.
ipa host-add test.example.com
This will always generate a random password.
I will implement the solution under the follow-up ticket #2097 which has been already opened.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=766075
Metadata Update from @edewata: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0 Core Effort - 2011/11
Login to comment on this ticket.