Bug 1396594 - Realms using IDM / Remove host and dns records (default zone and reverse)
Summary: Realms using IDM / Remove host and dns records (default zone and reverse)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Realm
Version: 6.2.4
Hardware: x86_64
OS: Linux
unspecified
high vote
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: Radovan Drazny
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-11-18 17:20 UTC by Waldirio M Pinheiro
Modified: 2020-02-14 18:09 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-21 17:09:26 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 10015 0 None None None 2017-01-13 17:55:58 UTC

Description Waldirio M Pinheiro 2016-11-18 17:20:38 UTC
Description of problem:
Actually, when removing one client from Satellite, when using IDM as realm, the host entry is removed from IDM, but dns information still there.

It's possible to reproduce the same behavior only with idm, according steps below

Version-Release number of selected component (if applicable):
Satellite 6.2.4 / IDM 4.4.0

How reproducible:
100

Steps to Reproduce:
1. Remove content host with realms or remove the host directly via idm (webUI or cli - ipa host-del <content host - fqdn>)
2. Check dns records on IDM
3. if use the command below, the machine and all dns records will be removed
# ipa host-del --updatedns <content host - fqdn>

Actual results:
dns records still on idm

Expected results:
remove everything, host information, dns records from default and reverse maps.

Additional info:

Comment 8 Stephen Benjamin 2017-01-13 17:55:59 UTC
Looks like it's an actual bug that was fixed upstream:    http://projects.theforeman.org/issues/10015

The fix for this is to add "System: Add DNS Entries" permission to the Smart Proxy Host Management privilege in IPA.

Comment 14 Radovan Drazny 2017-10-31 14:00:37 UTC
Verified on Satellite 6.3 Snap 21 and ipa-server-4.5.0-21.el7_4.2.2 with a realm configuration. 

"System: Read DNS Entries", "System: Add DNS Entries", "System: Remove DNS Entries" and "System: Update DNS Entries" are all present for Smart Proxy Host Management privilege after the default install. 

* Satellite correctly created both a host object and a DNS records on the freeipa server for a freshly discovered and provisioned server

* Upon the removal of the host from the Satellite, all DNS record are automatically removed from the freeipa server.

VERIFIED

Comment 15 Bryan Kearney 2018-02-21 17:09:26 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0336


Note You need to log in before you can comment on or make changes to this bug.