On Wed, Mar 22, 2017 at 03:29:06PM -0400, Ranbir wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> Hi Everyone,
> 
> I'm using a fully updated CentOS 7.3 environment for two IPA servers. I
> have one kerberos realm, one dns zone with the same name as the
> kerberos realm and another dns zone with a different name. DNS is
> managed by IPA. For the sake of this message:
> 
> realm: REALM.IPA
> dnszone1: realm.ipa
> dnszone2: random.ipa
> 
> When I join a server that's going into the realm.ipa dns zone to the
> IPA domain, SSHFP records for that server get automatically created in
> realm.ipa. But, when I do the same for a server going into the
> random.ipa dns zone, the SSHFP aren't automatically created. I have to
> do add the SSHFP records manually after the client install completes.
> 
> Why are SSHFP records not added automatically for the second dns zone
> and I how can I fix this situation?
> 
> Thanks in advance.
> 
> Ranbir
> 
> 
> - -- 
> Ranbir
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> 
> iQIcBAEBCgAGBQJY0tCCAAoJEN7T/ly5z1dik3cP/0Xx0Vk0cIfbloYJuVb1ffMH
> mJzKg3BaSEasWL3mJSsgPQS7CZWFi6PgBZLc79nwJhve1tAZC5+pMwVZwY9F7U9a
> liZdK1l7a0agpDwnupISdih5PG6TGNEfVjHezKKwnDgjUWMOqak7BM3KIffjhNzc
> SpuZHUDuY8QD2DeyO8iuuJjt+BUiWJ+Weh1OJq4UKWT68wALc/TbdtLi5OWlFtnV
> rClTbOhPvm8I4Md3DT0vDdhKqPiUvBGPKgse7HZIN9G4W6/wpM3hU1+ETYgXWqIX
> yRSK0rjjxfrWKIqRUB1sCKLlkdd+wMaRa/uCnRgvRhYjYUrwyPaH11N41lvE7zUz
> ccJnaZXkDcIWW9wkAQxx3XXx5vHR33VTS13nkZv4QsHSoJOXcqrsr+Q1r28WmLcZ
> wb3osINWIEmFCX6knZVRZLDhAefHz+FVsJwzsh6iCdqar+LzFvR0hRUJ0Fepxs8M
> bkKEZ3LztTtDssX+AO7CqkMZSQ5DHiT9Yo1gHXr2zTEt3qzxyuE0GjMyXzBWyMV4
> TpOXoRVQMUvEEV2ecpEATBEKghqXOMqhSeGAObfdlEKADTt11u8ONxwutFYPxybD
> Sxfd6yvg2/QvB8GYgLMkENuJWdwbFYrlb3GQ04TKjcW6TklcRyjsI8x/Wg3LjofQ
> AEtlIGyrGau9jPaeHYwd
> =mJn4
> -----END PGP SIGNATURE-----
> 
> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

Hello Ranbir,
are other records (A, AAAA, PTR, ...) created for the client in random.ipa and
just SSHFP missing? Is the domain random.ipa properly delegated? Is sshd
installed and keys generated on client in random.ipa?

-- 
David Kupka

Attachment: signature.asc
Description: PGP signature

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to