Hello,
I have two questions:
1. How can the default DNS grants be restored, or fixed, without knowing what they were? 2. Where can I get information about grants? I can't seem to find where they're documented.
I was trying to get DDNS updates to work from DHCP server, and the documentation doesn't mention executing 'ipa dnszone-mod example.com. --update-policy="grant rndc-key wildcard * ANY;"' will overwrite the current grants breaking the DNS portion of ipa-client-install.
Environment:
* Fedora 26 * FreeIPA 4.4.4 from Fedora repos * ISC DHCP server 4.3.5 from Fedora repos
Ryan
None via FreeIPA-users wrote:
Hello,
I have two questions:
- How can the default DNS grants be restored, or fixed, without knowing what they were?
- Where can I get information about grants? I can't seem to find where they're documented.
I was trying to get DDNS updates to work from DHCP server, and the documentation doesn't mention executing 'ipa dnszone-mod example.com. --update-policy="grant rndc-key wildcard * ANY;"' will overwrite the current grants breaking the DNS portion of ipa-client-install.
Environment:
- Fedora 26
- FreeIPA 4.4.4 from Fedora repos
- ISC DHCP server 4.3.5 from Fedora repos
This will reset it:
$ ipa dnszone-mod example.com. --update-policy="grant EXAMPLE.COM krb5-self * A; grant EXAMPLE.COM krb5-self * AAAA; grant EXAMPLE.COM krb5-self * SSHFP;"
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
rob
freeipa-users@lists.fedorahosted.org