jnmalledo
Mission Specialist

IdM replica server in different zone

Hi,

I'm preparing for the EX368 exam, using a custom lab in my home. I created a little VM (setihome06) for the local DNS environment, serving the "setihome.net" and "1.168.192.in-addr.arpa" zones.

The IdM server is setihome02.setihome.net, and it was configured using the domain lab.setihome.net, setting up setihome06 as forwarder with no issues at all:

[root@setihome02 ~]# ipa-server-install \
    --ds-password=XXX \
    --admin-password=XXX \
    --domain=lab.setihome.net \
    --realm=LAB.SETIHOME.NET \
    --setup-dns \
    --auto-reverse \
    --forwarder=192.168.1.166

Now I want to configure setihome03.setihome.net as a replica server using the manual method (not Ansible, not yet), and there's an issue while creating the host object:

[root@setihome02 ~]# ipa hostgroup-show ipaservers
  Host-group: ipaservers
  Description: IPA server hosts
  Member hosts: setihome02.setihome.net

[root@setihome02 ~]# ipa host-add --random setihome03.setihome.net
ipa: ERROR: All nameservers failed to answer the query setihome03.setihome.net. IN A: Server 127.0.0.1 UDP port 53 answered SERVFAIL

It seems that IdM is not forwarding the query for the parent domain setihome.net for the new replica server to setihome06 (192.168.1.166). And yes, it is configured:

[root@setihome02 log]# dig +short @192.168.1.166 setihome03.setihome.net
192.168.1.163

Is there anything I need to configure?
