On 29.4.2016 17:46, Wanka, Silvio wrote: > Hi, > > if I search in the web for this problem I don’t find an useable solution, > maybe my search pattern is wrong. ;-) > > I have setup an IPA domain with integrated DNS but because the most systems > here are Windows servers and clients the IPA clients must use the same IP > ranges. So the reverse zones are located on AD domain controllers. These > reverse zones are of course configured as forward zones on the IPA DNS > server. So reverse lookup works properly for all AD computers but I miss a > possibility that if we join a computer to IPA which adds a DNS record or > manually add a DNS record that the reverse record will be automatically added > on AD site as it would be done if the reverse zone would be located on IPA > site. > Is there the only possibility to manage the reverse record on AD site > manually or update/refresh it per regular running script? > > I have a one-way trust to AD but won’t change it to two-way, if necessary and > possible I would use a special AD account for that.
I can see two options: - configure DHCP server to somehow update the DNS server (to avoid authentication of client machines to to the DNS server for updates) - use two-way trust - you already denied this option Sorry, we do not have better answer for you right now. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project