We don't need anymore:
* sample of zone file - list of all records required by IPa will be
provided
* NTP related params - DNS records will be updated automatically,
based on LDAP values
* CA related params - DNS records will be updated automatically based
* on LDAP values
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Because separated calls for of server-show, getting server data is quite
slow. This commit replaces several server-show with one server-find
command. There are future plans to improve speed of server-find that
will be beneficial for DNS locations.
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
This reverts commit bbf8227e3f.
After deeper investigation, we found out that empty locations are needed
for clients, because clients may have cached records for longer time for
that particular location. Only way how to remove location is to remove
it using location-del
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
__add_ca_records_from_hostname() now skips over DNS exceptions and
retries resolution until timeout of 120 seconds is reached.
Luckily current logic fails safe: In cases where resolution failed for
all the CA servers, the resulting zone object will not contain ipa-ca
record at all and the update logic will skip update for this name.
I.e. the original values in ipa-ca record set will be left in place.
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Martin Basti <mbasti@redhat.com>
Service weight explains better meaning of attribute than location
weight, because location itself have no weight only services have.
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Location records for locations without assigned servers are useless and
we should not generate them.
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
command dns-update-system-records updates/fixes DNS records for IPA
services:
* updating A, AAAA records for CA
* updating SRV records for LDAP, kerberos and AD trust
* updating TXT record in _kerberos with proper realm
* updating dns locations if used
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Adding module that allows to work with IPA DNS system records:
* getting system records
* updating system records
* work with DNS locations
https://fedorahosted.org/freeipa/ticket/2008
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
