Bug 1314837 - Web interface not showing ipa forwarders
Web interface not showing ipa forwarders
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.2
x86_64 Linux
unspecified Severity medium
: rc
: ---
Assigned To: IPA Maintainers
Kaleem
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-04 11:22 EST by David Bensimon
Modified: 2016-11-04 01:51 EDT (History)
5 users (show)

See Also:
Fixed In Version: ipa-4.4.0-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-04 01:51:45 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Bensimon 2016-03-04 11:22:28 EST
Description of problem: Running `ipa-server-install --forwarder=<host>` creates an entry in /etc/named.conf and a working configuration, however it does not place that entry in 389 Directory, making therefore inaccessible by the IdM Web UI and the `ipa dnsconfig-show` command. 


Version-Release number of selected component (if applicable):
IdM 4.2.0 on RHEL 7.2

How reproducible:
Tested once

Steps to Reproduce:
1. Set up an IdM Sever and specify DNS forwarder.
# ipa-server-install --forwarder=<host>

2. Validate the forwarder host is present in /etc/named.conf [GOOD]

3. Validate name resolution requiring forwarder using dig [GOOD]
Note: pcap confirms resolution is using forwarders

4) Probe 389 Directory for forwarder entries [BROKEN]
# ipa dnsconfig-show
EXPECTED: display forwarder host address

5) Probe WebUI for forwarder entries [BROKEN]
Network Services > DNS > DNS Global Configuration
EXPECTED: display forwarder host address


Actual results:
no forwarder host address displayed

Expected results:
display forwarder host address

Additional info:
We configured IPA server to use 2 DNS forwarders.
Comment 2 Petr Vobornik 2016-03-11 08:03:48 EST
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5732
Comment 3 Petr Vobornik 2016-06-29 06:58:29 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5997
Comment 4 Petr Vobornik 2016-06-29 07:03:29 EDT
With fix implemented in scope of upstream ticket 5732 (comment 2), new installations with IPA 4.4 will have the forwarders which were specified in ipa-server-install visible in Web UI and CLI.

In existing installations the values won't be migrated on upgrade and thus they will be still only in named.conf. It will be possible to migrated them to ldap manually.

Automatic migration is tracked in upstream ticket 5997. But implementation of this ticket is not planned for any upcoming IPA release yet.
Comment 5 Petr Vobornik 2016-07-13 10:34:38 EDT
Moving to modified given that core is done. More details in comment 4.
Comment 7 Martin Bašti 2016-09-19 06:59:05 EDT
Please note that forwarders configured in installation are only for the local DNS server. So Forwarders will not show in global DNS config (dnsconfig-show).

To determine per server forwarders, please use dnsserver-show and counterpart in webUI in servers section.

To verify steps 4) and 5), please use dnsserver-show <ipaDNSserver>
Comment 8 Nikhil Dehadrai 2016-09-19 10:52:54 EDT
IPA-server version: ipa-server-4.4.0-12.el7.x86_64

Verified the bug on the basis of following steps:
FRESH-Setup
--------------
1. Verified that ipa-server can be setup with forwarders .
2. Verified that forwarder information is correctly displayed on running following command:
# ipa dnsserver-show `hostname`
  Server name: auto.testrelm.test
  SOA mname override: auto.testrelm.test.
  Forwarders: 10.x.x.x
  Forward policy: only
# ipa dnsserver-find `hostname`
--------------------
1 DNS server matched
--------------------
  Server name: auto.testrelm.test
  SOA mname override: auto.testrelm.test.
  Forwarders: 10.x.x.x
  Forward policy: only
----------------------------
Number of entries returned 1
----------------------------


3. Also verified that the DNS forwarder details are available at server UI at path:
"Network Services > DNS > DNS Servers > "Server name" > Forwarders:"

Upgrade:
-----------
4. Also noticed that the above observations does not work in case of upgrade, thus logged a separate bug "Bz1377392" for it.

Thus on the basis of above observations marking status of bug to "VERIFIED".
Comment 11 errata-xmlrpc 2016-11-04 01:51:45 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html

Note You need to log in before you can comment on or make changes to this bug.