Hide Forgot
Description of problem: Actually, when removing one client from Satellite, when using IDM as realm, the host entry is removed from IDM, but dns information still there. It's possible to reproduce the same behavior only with idm, according steps below Version-Release number of selected component (if applicable): Satellite 6.2.4 / IDM 4.4.0 How reproducible: 100 Steps to Reproduce: 1. Remove content host with realms or remove the host directly via idm (webUI or cli - ipa host-del <content host - fqdn>) 2. Check dns records on IDM 3. if use the command below, the machine and all dns records will be removed # ipa host-del --updatedns <content host - fqdn> Actual results: dns records still on idm Expected results: remove everything, host information, dns records from default and reverse maps. Additional info:
Looks like it's an actual bug that was fixed upstream: http://projects.theforeman.org/issues/10015 The fix for this is to add "System: Add DNS Entries" permission to the Smart Proxy Host Management privilege in IPA.
Verified on Satellite 6.3 Snap 21 and ipa-server-4.5.0-21.el7_4.2.2 with a realm configuration. "System: Read DNS Entries", "System: Add DNS Entries", "System: Remove DNS Entries" and "System: Update DNS Entries" are all present for Smart Proxy Host Management privilege after the default install. * Satellite correctly created both a host object and a DNS records on the freeipa server for a freshly discovered and provisioned server * Upon the removal of the host from the Satellite, all DNS record are automatically removed from the freeipa server. VERIFIED
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2018:0336