I have IPA server with domain example.test, the IPA server hostname is ipa.dom1.company.com.
I try to IPA-enroll a client client.lab.dom1.company.com into that IPA server using
ipa-client-install --domain=example.test --realm=EXAMPLE.TEST --server=ipa.dom1.company.com
I see
Hostname (client.lab.dom1.company.com) not found in DNS Failed to update DNS records.
in the {{{ipa-client-install}}} and the {{{ipaclient-install.log}}} says
2014-12-02T09:45:12Z WARNING Hostname (client.lab.dom1.company.com) not found in DNS 2014-12-02T09:45:12Z DEBUG Writing nsupdate commands to /etc/ipa/.dns_update.txt: 2014-12-02T09:45:12Z DEBUG debug zone lab.dom1.company.com. update delete client.lab.dom1.company.com. IN A show send update add client.lab.dom1.company.com. 1200 IN A 10.11.12.13 show send 2014-12-02T09:45:12Z DEBUG Starting external process 2014-12-02T09:45:12Z DEBUG args='/usr/bin/nsupdate' '-g' '/etc/ipa/.dns_update.txt' 2014-12-02T09:45:12Z DEBUG Process finished, return code=2 2014-12-02T09:45:12Z DEBUG stdout=Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; ZONE SECTION: ;lab.dom1.company.com. IN SOA ;; UPDATE SECTION: client.lab.dom1.company.com. 0 ANY A Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; ZONE SECTION: ;lab.dom1.company.com. IN SOA ;; UPDATE SECTION: client.lab.dom1.company.com. 1200 IN A 10.11.12.13 2014-12-02T09:45:12Z DEBUG stderr=Reply from SOA query: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61512 ;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;lab.dom1.company.com. IN SOA ;; AUTHORITY SECTION: dom1.company.com. 0 IN SOA ipa.dom1.company.com. hostmaster.example.test. 1417513322 3600 900 1209600 3600 specified zone 'lab.dom1.company.com' does not exist (NXDOMAIN) Reply from SOA query: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10673 ;; flags: qr aa rd ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;lab.dom1.company.com. IN SOA ;; AUTHORITY SECTION: dom1.company.com. 0 IN SOA ipa.dom1.company.com. hostmaster.example.test. 1417513322 3600 900 1209600 3600 specified zone 'lab.dom1.company.com' does not exist (NXDOMAIN) 2014-12-02T09:45:12Z DEBUG nsupdate failed: Command ''/usr/bin/nsupdate' '-g' '/etc/ipa/.dns_update.txt'' returned non-zero exit status 2 2014-12-02T09:45:12Z ERROR Failed to update DNS records.
Petr says that ipa-client-install shouldn't specify the zome at all, and the server should happilly create the record in the dom1.company.com zone.
In other words, ipa-client-install will fail to update DNS records in some specific DNS configurations.
master:
ipa-4-1:
Metadata Update from @adelton: - Issue assigned to adelton - Issue set to the milestone: FreeIPA 4.1.3
Login to comment on this ticket.