dweller dweller via FreeIPA-users wrote:
> Yep, sorry. I reuploaded it to github
> https://github.com/vudex/for-freeipa-users/blob/main/ipaclient-install.log.
>
> Connectivity to ipa replica is definitely there:
>
>> [root@host-01 ~]# telnet freeipa-master-01.test-krb1.novalocal 53
>> Trying 172.28.19.229...
>> Connected to freeipa-master-01.test-krb1.novalocal.
>> Escape character is '^]'.
>
> So, Rob, as I understood from your reply, A-record should be added *almost*
> always when we are enrolling new host, because DNS lookup will fail
> (considering we are using freeipa-dns and relying on enrollment process to
> setup records).
>
> So I do not need to specify options:
> * --enable-dns-updates is set
> * --ip-address is set
> * --all-ip-addresses is set
>
> if I'm relying on failing of DNS lookup

An A record was found for host-01.test-krb1.novalocal:

From the log:

2023-09-10T06:48:34Z DEBUG found 1 A records for host-01.test-krb1.novalocal.: 172.28.19.96
2023-09-10T06:48:34Z DEBUG The DNS response does not contain an answer to the question: host-01.test-krb1.novalocal. IN AAAA

Later you'll see an nsupdate to update DNS:

2023-09-10T06:48:34Z DEBUG Writing nsupdate commands to /etc/ipa/.dns_update.txt:
2023-09-10T06:48:34Z DEBUG debug

update delete host-01.test-krb1.novalocal. IN A
show
send

update delete host-01.test-krb1.novalocal. IN AAAA
show
send

update add host-01.test-krb1.novalocal. 1200 IN A 172.28.19.96
show
send

That update is failing but I can't tell why. We validate that the update
succeeded by looking up the expected results, and they aren't there,
except apparently for the reverse:

2023-09-10T06:48:34Z DEBUG DNS resolver: Query: host-01.test-krb1.novalocal IN A
2023-09-10T06:48:34Z DEBUG DNS resolver: Query: host-01.test-krb1.novalocal IN AAAA
2023-09-10T06:48:34Z DEBUG DNS resolver: No record.
2023-09-10T06:48:34Z DEBUG DNS resolver: Query: 96.19.28.172.in-addr.arpa. IN PTR

Strangely though we also print a summary of missing entries and that
isn't logged. I'd expect something like "Missing A/AAAA record(s) for
host host-01.test-krb1.novalocal" but it isn't logged.

rob
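
Added example, not part of the original message and not FreeIPA's own code: a Python check in the spirit of the validation described above, reading the nsupdate commands out of the install log and reporting which records are absent from the follow-up lookups. The function names and the `observed` lookup table are assumptions; the sample log is constructed from the lines quoted in the message.

```python
import re

# Constructed sample: nsupdate block copied from the log excerpt quoted above.
SAMPLE_LOG = """\
2023-09-10T06:48:34Z DEBUG Writing nsupdate commands to /etc/ipa/.dns_update.txt:
2023-09-10T06:48:34Z DEBUG debug

update delete host-01.test-krb1.novalocal. IN A
show
send

update delete host-01.test-krb1.novalocal. IN AAAA
show
send

update add host-01.test-krb1.novalocal. 1200 IN A 172.28.19.96
show
send
"""

DEL_RE = re.compile(r"^update delete (\S+)\s+IN\s+(A|AAAA)$")
ADD_RE = re.compile(r"^update add (\S+)\s+\d+\s+IN\s+(A|AAAA)\s+(\S+)$")

def norm(name):
    # The nsupdate file uses a trailing dot, the resolver queries in the log do not.
    return name.rstrip(".").lower()

def expected_records(log_text):
    """Map (name, rtype) -> set of addresses the update should leave in DNS."""
    expected = {}
    for line in map(str.strip, log_text.splitlines()):
        if m := DEL_RE.match(line):
            expected[(norm(m[1]), m[2])] = set()  # delete clears the RRset
        elif m := ADD_RE.match(line):
            expected.setdefault((norm(m[1]), m[2]), set()).add(m[3])
    return expected

def missing_records(expected, observed):
    """Return sorted (name, rtype, address) expected but absent from lookups.

    observed is a hypothetical table {(name, rtype): [addresses]} filled from
    whatever lookups were run after the update."""
    seen = {(norm(n), t): set(a) for (n, t), a in observed.items()}
    return sorted((n, t, addr) for (n, t), addrs in expected.items()
                  for addr in addrs - seen.get((n, t), set()))

if __name__ == "__main__":
    exp = expected_records(SAMPLE_LOG)
    print(missing_records(exp, {}))  # nothing resolved, as in the thread
```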
