Red Hat Bugzilla – Bug 815145
[RFE] Command to enable/disable IPA server in DNS
Last modified: 2016-02-19 06:58:21 EST
Request to add an enable/disable IPA server command to the "ipa" CLI.
It's causing long waits with clients such as pam_krb5 and other client tools when there is an issue with an IPA server, such as a hardware fault, requiring the IPA server to be unavailable for an extended period of time.
For such a case it's not wanted to remove the entire replica.
In this case it would be very useful to easily be able to remove this servers ldap and kerberos SRV entries in DNS.
I would suggest a command such as:
ipa dns-disable-ipa IPA-SERVER-FQDN --dns-zone=STR
ipa dns-enable-ipa IPA-SERVER-FQDN --dns-sone=STR --priority=INT --weight=INT
Where the "dns-zone" is optional. specifying what DNS zone to add/remove entries from, if not the default dns zone.
The "priority" and "weight" options are optional and directly related to their function in the SRV DNS records for when the SRV records are added back in.
The dns-enable-ipa command should also be accepted with new values for "priority" and "weight" if the DNS SRV records for the specified IPA server already exists.
Thank you taking your time and submitting this request for Red Hat Enterprise Linux. The request was cloned to the upstream tracker long time ago (see link to the upstream ticket above), but it was unfortunately not given a priority neither in the upstream project, nor in Red Hat Enterprise Linux.
Given that this request is not planned for a close release, it is highly unlikely it will be fixed in this major version of Red Hat Enterprise Linux. We are therefore closing the request as WONTFIX.
To request that Red Hat reconsiders the decision, please reopen the Bugzilla with the help of Red Hat Customer Service and provide additional business and/or technical details about it's importance to you. Please note that you can still track this request or even offer help in the referred upstream Trac ticket to expedite the solution.