Sure Petr. Will go through it. Thanks for Sharing. *Best Regards,*
*__________________________________________* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> <https://twitter.com/checkwithyogesh> <http://google.com/+YogeshSharmaOnGooglePlus> On Thu, Oct 29, 2015 at 5:33 PM, Petr Spacek <pspa...@redhat.com> wrote: > On 29.10.2015 11:33, Yogesh Sharma wrote: > > Hi, > > > > We are working on to create another DC and extending our existing > FreeIPA. > > > > Our current environment has subnet as 172.16.32.0/16. In another DC we > have > > 10.242.96.0/20. > > > > On FreeIPA master I have created a PTR Zone with 242.10.in-addr.arpa. , > > However, on registering the DC2 Client with FreeIPA Master it says > > "Hostname not found in DNS" > > This message tells you that "hostname" (i.e. what you see in output of > command > "hostname") does not have A/AAAA record in DNS. It has nothing to do with > PTR > records. > > Message "Failed to update DNS records." is usually caused by misconfigured > DNS > zones. > > Please see > https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/SyncPTR > for advice how to configure DNS zones to accept dynamic updates. > > I hope this helps. > Petr^2 Spacek > > > Our Domain is same across DC, the only change is Subnet. > > > > Forward Zone is working fine. > > > > > > Below are Regestration Logs: > > > > [root@dr-ipadns-1002 ~]# ipa-client-install --mkhomedir --no-ntp > > Discovery was successful! > > Hostname: dr-ipadns-1002.klikpay.int > > Realm: KLIKPAY.INT > > DNS Domain: klikpay.int > > IPA Server: ipa-inf-prd-ng2-02.klikpay.int > > BaseDN: dc=klikpay,dc=int > > > > Continue to configure the system with these values? [no]: yes > > User authorized to enroll computers: admin > > Synchronizing time with KDC... > > Password for ad...@klikpay.int: > > Successfully retrieved CA cert > > Subject: CN=Certificate Authority,O=KLIKPAY.INT > > Issuer: CN=Certificate Authority,O=KLIKPAY.INT > > Valid From: Fri Aug 14 11:39:47 2015 UTC > > Valid Until: Tue Aug 14 11:39:47 2035 UTC > > > > Enrolled in IPA realm KLIKPAY.INT > > Attempting to get host TGT... > > Created /etc/ipa/default.conf > > New SSSD config will be created > > Configured sudoers in /etc/nsswitch.conf > > Configured /etc/sssd/sssd.conf > > Configured /etc/krb5.conf for IPA realm KLIKPAY.INT > > trying https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml > > Forwarding 'env' to server u' > https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml' > > *Hostname (dr-ipadns-1002.klikpay.int <http://dr-ipadns-1002.klikpay.int > >) > > not found in DNS* > > Failed to update DNS records. > > Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub > > Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub > > Forwarding 'host_mod' to server u' > > https://ipa-inf-prd-ng2-02.klikpay.int/ipa/xml' > > SSSD enabled > > Configuring klikpay.int as NIS domain > > Configured /etc/openldap/ldap.conf > > Configured /etc/ssh/ssh_config > > Configured /etc/ssh/sshd_config > > Client configuration complete. > > > > [root@dr-ipadns-1002 ~]# ip r > > 10.242.96.0/20 dev eth0 proto kernel scope link src 10.242.96.3 > > 169.254.0.0/16 dev eth0 scope link metric 1002 > > default via 10.242.96.1 dev eth0 > > [root@dr-ipadns-1002 ~]# > > > > > >>From IPA: > > > > [root@ipa-inf-prd-ng2-01 ~]# ipa dnszone-show 242.10.in-addr.arpa > > Zone name: 242.10.in-addr.arpa. > > Active zone: TRUE > > Authoritative nameserver: ipa-inf-prd-ng2-01.klikpay.int. > > Administrator e-mail address: hostmaster > > SOA serial: 1446111284 > > SOA refresh: 3600 > > SOA retry: 900 > > SOA expire: 1209600 > > SOA minimum: 3600 > > Allow query: any; > > Allow transfer: none; > > [root@ipa-inf-prd-ng2-01 ~]# > > > > > > > > Please suggest as what I am missing. > > > -- > Petr^2 Spacek > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project