Description of problem:
Using the command "ipa host-del <client machine> --updatedns" does not completely delete the DNS entries. For instance, this entry remains:

dn: idnsName=ipaclient,idnsname=example.com.,cn=dns,dc=example,dc=com

The entry is modified with "--updatedns":

======================================
time: 20160125074150
dn: idnsName=ipaclient,idnsname=example.com.,cn=dns,dc=example,dc=com
changetype: modify
delete: aAAARecord
-
replace: modifiersname
modifiersname: uid=admin,cn=users,cn=accounts,dc=example,dc=com
-
======================================

and

=======================================
time: 20160125074150
dn: idnsname=example.com.,cn=dns,dc=example,dc=com
changetype: modify
replace: idnsSOAserial
idnsSOAserial: 1453725712
-
replace: modifiersname
modifiersname: krbprincipalname=dns/ipaserver.example.com,cn=servi
 ces,cn=accounts,dc=example,dc=com
-
=======================================

but it's not clear to me yet why the entry is not completely deleted. Feel free to close this bug if you think it's irrelevant.

Version-Release number of selected component (if applicable):
ipa-server-4.2.0-15.el7_2.3.x86_64

How reproducible:
always

Additional info:
workaround:

ipa dnsrecord-del example.com. ipaclient

which will finish by doing:

======================================
time: 20160125075333
dn: idnsname=ipaclient,idnsname=example.com.,cn=dns,dc=example,dc=com
changetype: delete
modifiersname: uid=admin,cn=users,cn=accounts,dc=example,dc=com
=======================================
German, could you paste here the content of idnsName=ipaclient,idnsname=example.com.,cn=dns,dc=example,dc=com after the mod operation which removed the AAAA record?
Upstream ticket: https://fedorahosted.org/freeipa/ticket/5675
Summary of internal discussion:

"""
So can we summarize and agree that:
a) It is a good idea to have an option to clean DNS record on the host-del
b) Since there are already expectations about system behavior this option would not be enabled by default.
"""
Fixed upstream

master:
https://fedorahosted.org/freeipa/changeset/40e3a0bf63c766fc281517c9d192907376c2d353
https://fedorahosted.org/freeipa/changeset/9a0f92be0dc1dc22827c918b5808b1ccb4e4b409
https://fedorahosted.org/freeipa/changeset/bea066c33647c16a7b18deb1392838acb831ac88
https://fedorahosted.org/freeipa/changeset/1e70d6b914656d670f9afed26ccd5f93e3aa54d5
https://fedorahosted.org/freeipa/changeset/e8c8134eee159fa6eb7c8f2156c328798abdda80
https://fedorahosted.org/freeipa/changeset/54e3859595e1f5f2e669b8af20afdac1187d8cd7
Verified.

Version ::
ipa-server-4.4.0-9.el7.x86_64

Results ::

[root@master ~]# ipa host-add myhost.ipa.test --ip-address=192.168.122.99
----------------------------
Added host "myhost.ipa.test"
----------------------------
  Host name: myhost.ipa.test
  Principal name: host/myhost.ipa.test
  Principal alias: host/myhost.ipa.test
  Password: False
  Keytab: False
  Managed by: myhost.ipa.test

[root@master ~]# ldapsearch -xLLL -D "cn=Directory Manager" -w Secret123 -b idnsname=myhost,idnsname=ipa.test.,cn=dns,dc=ipa,dc=test
dn: idnsname=myhost,idnsname=ipa.test.,cn=dns,dc=ipa,dc=test
objectClass: top
objectClass: idnsrecord
aRecord: 192.168.122.99
idnsName: myhost

[root@master ~]# ipa host-del --updatedns myhost.ipa.test
------------------------------
Deleted host "myhost.ipa.test"
------------------------------

[root@master ~]# ldapsearch -xLLL -D "cn=Directory Manager" -w Secret123 -b idnsname=myhost,idnsname=ipa.test.,cn=dns,dc=ipa,dc=test
No such object (32)
Matched DN: idnsname=ipa.test.,cn=dns,dc=ipa,dc=test

[root@master ~]# echo $?
32
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2404.html
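To audit a directory for the leftover state described in this report, the following added example (not part of the original bug report or of FreeIPA) scans ldapsearch -LLL output for idnsrecord entries that carry no record data. It assumes that an entry with no attribute named *Record (aRecord, aAAARecord, ...) is such a leftover; the function names and the sample LDIF are constructed for illustration.

```python
# Added example: SAMPLE_LDIF is constructed, not output taken from the report.
SAMPLE_LDIF = """\
dn: idnsname=ipaclient,idnsname=example.com.,cn=dns,dc=exampl
 e,dc=com
objectClass: top
objectClass: idnsrecord
idnsName: ipaclient

dn: idnsname=myhost,idnsname=example.com.,cn=dns,dc=example,dc=com
objectClass: top
objectClass: idnsrecord
aRecord: 192.168.122.99
idnsName: myhost
"""


def parse_ldif(text):
    """Parse `ldapsearch -LLL` output into (dn, {attr: [values]}) pairs."""
    entries = []
    # LDIF folds long lines; a continuation line starts with one space.
    unfolded = text.replace("\n ", "")
    for block in unfolded.split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            # "attr:: value" marks base64; only attribute names matter here.
            value = value.lstrip(":").strip()
            if name.lower() == "dn":
                dn = value
            else:
                attrs.setdefault(name.lower(), []).append(value)
        if dn:
            entries.append((dn, attrs))
    return entries


def empty_dns_records(text):
    """Return DNs of idnsrecord entries with no attribute named *Record."""
    leftovers = []
    for dn, attrs in parse_ldif(text):
        classes = {c.lower() for c in attrs.get("objectclass", [])}
        if "idnsrecord" in classes and not any(n.endswith("record") for n in attrs):
            leftovers.append(dn)
    return leftovers


if __name__ == "__main__":
    print("\n".join(empty_dns_records(SAMPLE_LDIF)))
```

Each DN it reports can then be removed with the "ipa dnsrecord-del" workaround given in the description.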