On Fri, 2015-09-11 at 10:25 -0700, nat...@nathanpeters.com wrote:
> I have been trying to figure this out for a while now but when I join 
> machine to FreeIPA, the installer properly creates forward DNS
> entries,and DNSSSHFP entries, but does not create reverse entries.
> Without the PTR records, kerberos logins are always failing on these
> machines.

I am interested in understanding what fails exactly, stuff should not
depend on reverse resolution can you give me an example of a failure ?

For the PTR creation anyway have you enabled the option to allow setting
PTR records ?
There is a global DNS option (As awell as per-zone setting) called
"Allow PTR Sync" you may want to enable.

-- 
Simo Sorce * Red Hat, Inc * New York

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to