Stjepan Gros wrote:

I have a simple question regarding adding hosts in Kerberos when hosts
are dynamically assigned IP addresses and registered to DNS. In such
cases, ipa-addservice complains that host has to have A record in DNS
and doesn't want to add new principal.

So, there are two choices:

1. temporarily add DNS records, run ipa-addservice, and remove DNS
records, or

2. connect PC to network in order for host to receive IP address and
registers with DNS, and then run ipa-addservice

Unfortunatelly, my situation is such that option 2 isn't possible, and
option 1 seems more like a hack than something systematic.

So, is there a third option?


Try the --force flag with ipa-addservice. It allows it to continue past DNS problems.


Freeipa-users mailing list

Reply via email to