On 05.01.2017 20:03, TomK wrote:
Hey All,
QQ.
Should the DNS forwarders be updated in /etc/named.conf? Until I
manually change /etc/named.conf, can't ping the windows AD cluster:
mds.xyz. Nor can I get dig to resolve the SRV records (dig SRV
_ldap._tcp.mds.xyz).
sssd-ipa-1.14.0-43.el7_3.4.x86_64
ipa-client-4.4.0-14.el7.centos.x86_64
IPA command below indicates that it's set to 'first' but that's not
what's in /etc/named.conf file when I check. Again, it works if I
change /etc/named.conf manually.
Forwarder settings has priority:
named.conf < global forwarders (ipa dnsconfig-mod) < local dns server
config (ipa dnsserver-*) < forwardzones (applied per query, not as
global forwarder)
so what is in named.conf is usually always overwritten
How did you edited the named.conf?
Does dig @192.168.0.224 SRV _ldap._tcp.mds.xyz. works?
Do you have any errors in journalctl -u named-pkcs11 ??
Martin
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
