Hi Rob, thanks for taking a look. Re: sanity check I meant: 13-Dec-2018 00:31:34.398 client 10.30.10.27#53265/key host/mdc-ipa-01.idm.planetrisk.com\(a)IDM.PLANETRISK.COM: updating zone 'idm.planetrisk.com/IN': update rejected: post update name server sanity check failed
13-Dec-2018 00:31:34.511 client 10.30.10.27#40273/key host/mdc-ipa-01.idm.planetrisk.com\(a)IDM.PLANETRISK.COM: updating zone 'idm.planetrisk.com/IN': deleting rrset at 'mdc-ipa-01.idm.planetrisk.com' A And then you can see there in the log snippet from the first post that it immediately tries again and succeeds. The log does not indicate a successful delete, I just know the record is gone. It has occurred to me that this is from the bind/named log so the sanity check has nothing to do with FreeIPA. And probably that sanity check is bind saying “you can’t/shouldn’t delete the A record associated with the NS records” So now I’m back to asking myself why/who/what is causing the record to be deleted in the first place. Let me do some more digging and see if I can find the culprit. I suspect something to do with sssd and dynamic updates. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
