On Fri, 2015-09-11 at 10:25 -0700, [email protected] wrote: > I have been trying to figure this out for a while now but when I join > machine to FreeIPA, the installer properly creates forward DNS > entries,and DNSSSHFP entries, but does not create reverse entries. > Without the PTR records, kerberos logins are always failing on these > machines.
I am interested in understanding what fails exactly, stuff should not depend on reverse resolution can you give me an example of a failure ? For the PTR creation anyway have you enabled the option to allow setting PTR records ? There is a global DNS option (As awell as per-zone setting) called "Allow PTR Sync" you may want to enable. -- Simo Sorce * Red Hat, Inc * New York -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
