Bug 709332

Summary: IPA Replica Installation Fails - reverse address doesn't match error
Product: Red Hat Enterprise Linux 6 Reporter: Ken Reilly <kreilly>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.1CC: benl, dpal, jgalipea, jwest, mgregg, mkosek, nsoman, pm-eus, rcritten, shaines, tcapek
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-2.0.0-23.el6_1.1 Doc Type: Bug Fix
Doc Text:
When a new reverse zone is created via the ipa-replica-prepare script, the wrong DNS entry is updated, which eventually causes an installation of a replica server to fail. To get the correct DNS entries set up when creating a replica package for an installation of a replica server, restart named service after creating replica package.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2011-06-15 00:22:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 704012    
Bug Blocks:    

Description Ken Reilly 2011-05-31 12:17:03 UTC 
This bug has been copied from bug #704012 and has been proposed
to be backported to 6.1 z-stream (EUS).
Comment 4 Tomas Capek 2011-06-06 09:56:00 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
When a new reverse zone was created via the ipa-replica-prepare script, the wrong DNS entry was updated, which eventually caused an installation of a replica server to fail. This bug has been fixed and the correct DNS entries are now set up when creating a replica package for an installation of a replica server.
Comment 5 Namita Soman 2011-06-10 12:09:13 UTC 
Tested using ipa-server-2.0.0-23.el6_1.1.x86_64 

The replica install fails with same error.
ERROR    The DNS forward record apollo.testrelm. does not match the reverse address apollo.idm.lab.bos.redhat.com.

Can install replica, if i follow steps below -
on master, create replica pkg
on master, restart named service
on slave, run install
Comment 6 Martin Kosek 2011-06-10 12:24:32 UTC 
I think this is OK. The steps you described including named restart are needed. If the named service is not restarted, it won't serve the new DNS zone created during ipa-replica-prepare.
Comment 7 Namita Soman 2011-06-10 13:27:38 UTC 
So went back to starting named after creatign replica package. Can install replica successfully. Also verified 

output for command below:
#ipa dnsrecord-find --all

includes among other records, the below:
dn: idnsname=apollo,idnsname=testrelm,cn=dns,dc=testrelm
  Record name: apollo
  A record: 10.16.96.78
  objectclass: top, idnsrecord



where master is running on apollo. and this does not include an A record for the replica ip, as expected.

updated technical notes with proposed edits - to indicate that named service should be restarted for replica install to succeed, if it is in a different zone
Comment 8 Namita Soman 2011-06-10 13:27:38 UTC 
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-When a new reverse zone was created via the ipa-replica-prepare script, the wrong DNS entry was updated, which eventually caused an installation of a replica server to fail. This bug has been fixed and the correct DNS entries are now set up when creating a replica package for an installation of a replica server.+When a new reverse zone is created via the ipa-replica-prepare script, the wrong DNS entry is updated, which eventually causes an installation of a replica server to fail. To get the correct DNS entries set up when creating a replica package for an installation of a replica server, restart named service after creating replica package.
Comment 9 errata-xmlrpc 2011-06-15 00:22:11 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0865.html