On Sun, Feb 19, 2012 at 8:47 PM, Simo Sorce <[email protected]> wrote: > On Sun, 2012-02-19 at 17:23 +0100, Marco Pizzoli wrote: > > Hi, > > During my setup today I'm always failing in enrolling clients with > > automatic dns updates. > > I'm playing with FreeIPA 2.1.90, but I guess this is a general > > problem, not strictly due to the alpha version. > > > > I'm doing a "ipa-client-install --enable-dns-updates" and at the > > console I see: > > Failed to update DNS A record. (Command '/usr/bin/nsupdate > > -g /etc/ipa/.dns_update.txt' returned non-zero exit status 2) > > > > I see in server logs that named refuses it: > > Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#38558: > > update 'internet.unix.mydomain.it/IN' denied > > Feb 19 17:05:25 freeipa01 named[2089]: client 192.168.20.112#40809: > > update 'internet.unix.mydomain.it/IN' denied > > > > What is the cause? What other informations do you need about my > > deployment? > > Did you install freeipa with the --setup-dns option ? > And does your client use the freeipa dns server in that case ? > > If either answer is no, it is normal to see the update fail as a non > freeipa dns server wouldn't be able to accept the update (unless you > manually configured the external server to handle GSS-TSIG updates). > > If both answers are yes then we may need to activate debug logging in > named, as it is supposed to work. >
Yes to both. Please let me know the best way to do it and I will follow it. ----------- I already found a bug with the web ui. I'll send another mail in a few minutes. > > Simo. > > -- > Simo Sorce * Red Hat, Inc * New York > >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
