On Fri, 15 Jul 2016, dan.finkelst...@high5games.com wrote:
There was a solution: explicitly disable DNSSEC in /etc/named.conf on
all IPA masters/replicas and restart the named-pkcs11 service. After
that, zone forwarding worked as expected.
If your DNS upstreams don't provide DNSSEC, it is enough
use, distribution, or reproduction of
this message or any attachments is prohibited and may be unlawful.
From: on behalf of Daniel Finkestein
Date: Friday, July 15, 2016 at 12:10
To: "freeipa-users@redhat.com"
Subject: Re: [Freeipa-users] FreeIPA 4.2.0 CentOS 7: DNS zone forwarding
From: on behalf of Daniel Finkestein
Date: Friday, July 15, 2016 at 11:20
To: "freeipa-users@redhat.com"
Subject: [Freeipa-users] FreeIPA 4.2.0 CentOS 7: DNS zone forwarding
Hi all,
I'm trying to follow the directions (and cautions) from here:
http://www.freeipa.org/page/V4/Forw
Hi all,
I'm trying to follow the directions (and cautions) from here:
http://www.freeipa.org/page/V4/Forward_zones, but when I add a new zone
(example2.com) and a forwarding address and set the zone to forward-only, no
records are returned for hosts like, say, testhost.example2.com. The NS recor