-- Cheers, Tom K. On 1/21/2019 9:33 AM, TomK via FreeIPA-users wrote: > Hey All, > > I've 4 NS servers: > > ipa01.unix.dom.name    192.168.0.44 > ipa02.unix.dom.name    192.168.0.45 > > and remote ones (Just simple named / DNS ) > > dns01.d01.unix.dom.name    192.168.0.130 > dns02.d01.unix.dom.name    192.168.0.132 > > When using: > > 1) ipa dnsforwardzone-add d01.unix.dom.name --forwarder=192.168.0.130 > --forwarder=192.168.0.132 --forward-policy=only > 2) ipa dnsrecord-add unix.dom.name. d01 --ns-rec=d01.unix.dom.name. > > I'm greeted with: > > ipa: ERROR: Nameserver 'd01.unix.dom.name.' does not have a > corresponding A/AAAA record > > So I can add an A record on the IPA servers but perhaps this is > looking for the A record on the forwarding DNS servers 192.168.0.130 > and 192.168.0.132? > > If I'm adding it on the IPA side then I'll add d01 with two IP > addresses to?  Doesn't seem to make sense.  I just need to forward on > d01.  I'm forwarding the whole subzone. > > What I have is: > > > ipa-common-4.5.0-22.el7.centos.noarch > python2-ipaclient-4.5.0-22.el7.centos.noarch > python-ipaddress-1.0.16-2.el7.noarch > ipa-client-common-4.5.0-22.el7.centos.noarch > python-iniparse-0.4-9.el7.noarch > ipa-server-common-4.5.0-22.el7.centos.noarch > ipa-server-dns-4.5.0-22.el7.centos.noarch > python-libipa_hbac-1.15.2-50.el7_4.8.x86_64 > libipa_hbac-1.15.2-50.el7_4.8.x86_64 > python2-ipaserver-4.5.0-22.el7.centos.noarch > sssd-ipa-1.15.2-50.el7_4.8.x86_64 > ipa-client-4.5.0-22.el7.centos.x86_64 > ipa-python-compat-4.5.0-22.el7.centos.noarch > ipa-server-trust-ad-4.5.0-22.el7.centos.x86_64 > python2-ipalib-4.5.0-22.el7.centos.noarch > ipa-server-4.5.0-22.el7.centos.x86_64 > > > >