Bug 1258626 - realmdomains-mod --add-domain command throwing error when doamin already is in forwardzone.
Summary: realmdomains-mod --add-domain command throwing error when doamin already is i...
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa
Version: 7.2
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: IPA Maintainers
QA Contact: Namita Soman
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-31 20:15 UTC by Varun Mylaraiah
Modified: 2016-11-04 05:46 UTC (History)
5 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2016-11-04 05:46:22 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:2404 normal SHIPPED_LIVE ipa bug fix and enhancement update 2016-11-03 13:56:18 UTC

Description Varun Mylaraiah 2015-08-31 20:15:38 UTC
Description of problem:
realmdomains-mod --add-domain command throwing error when doamin already is in forwardzone

Version-Release number of selected component (if applicable):
ipa-server-4.2.0-8.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1.On IPA server, add conditional forwarder for domain.
2.try to add a domain to the list of IPA realmdomains (domain should already setup as forwardzone)

Actual results:
ipa: ERROR: no modifications to be performed
and 
ipa: ERROR: invalid 'dnszoneidnsname': only master zones can contain records (after remove it and re-add it)


Additional info:
root@master72 ~]# ipa realmdomains-mod --add-domain=adlabs.com
ipa: ERROR: no modifications to be performed

[root@master72 ~]# ipa realmdomains-show
Domain: adlabs.com, ipa.adlabs.com

[root@master72 ~]# ipa realmdomains-mod --del-domain=adlabs.com
ipa: ERROR: invalid 'dnszoneidnsname': only master zones can contain records
 
[root@master72 ~]# ipa realmdomains-show
  Domain: ipa.adlabs.com
 
[root@master72 ~]# ipa realmdomains-mod --add-domain=adlabs.com
ipa: ERROR: invalid 'dnszoneidnsname': only master zones can contain records
 
[root@master72 ~]# ipa realmdomains-show
  Domain: adlabs.com, ipa.adlabs.com

Comment 2 Petr Vobornik 2015-09-01 08:16:11 UTC
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5278

Comment 6 Mike McCune 2016-03-28 22:43:24 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 8 Varun Mylaraiah 2016-09-19 06:49:21 UTC
Verified
ipa-server-4.4.0-12.el7.x86_64

[root@master73 ~]# ipa realmdomains-show
  Domain: ytestrelm.test

[root@master73 ~]# ipa dnszone-add newzone.test
  Zone name: newzone.test.
  Active zone: TRUE
  Authoritative nameserver: master73.ytestrelm.test.
  Administrator e-mail address: hostmaster
  SOA serial: 1474267032
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant YTESTRELM.TEST krb5-self * A; grant YTESTRELM.TEST krb5-self * AAAA; grant YTESTRELM.TEST krb5-self * SSHFP;
  Dynamic update: FALSE
  Allow query: any;
  Allow transfer: none;

[root@master73 ~]# ipa realmdomains-show
  Domain: ytestrelm.test, newzone.test

[root@master73 ~]# ipa realmdomains-mod --del-domain=newzone.test
  Domain: ytestrelm.test

[root@master73 ~]# ipa realmdomains-mod --add-domain=newzone.test
ipa: ERROR: invalid 'domain': The realm of the following domains could not be detected: newzone.test. If these are domains that belong to the this realm, please create a _kerberos TXT record containing "YTESTRELM.TEST" in each of them.

[root@master73 ~]# ipa realmdomains-mod --add-domain=newzone.test --force
  Domain: ytestrelm.test, newzone.test

[root@master73 ~]# ipa realmdomains-mod --del-domain=newzone.test
  Domain: ytestrelm.test

Comment 10 errata-xmlrpc 2016-11-04 05:46:22 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html


Note You need to log in before you can comment on or make changes to this bug.