Well since I've done a clean ipaclient install on this client, the ipa-client-install should have taken care of it, which it obviously didn't. I think an update for the default sssd.conf is in order.
Rob Op vr 19 apr. 2019 om 17:46 schreef François Cami <fc...@redhat.com>: > On Fri, Apr 19, 2019 at 5:40 PM Rob Verduijn <rob.verdu...@gmail.com> > wrote: > > > > hmmm got it to work (some rtfm helped) > > > > from the sssd-ipa man page > > dyndns_refresh_interval (integer) > > How often should the back end perform periodic DNS update in > addition to the automatic update performed when the back end goes online. > This option is optional and applicable only when dyndns_update is true. > > > > Default: 0 (disabled) > > > > This was never needed before, where did this come from ? > > I think this is part of sssd 2.1.0: > > https://github.com/SSSD/sssd/commit/df9e4802c060fc21d38f238265805092352e5c95 > > > Why is this suddenly biting me ? > > If your other hosts are older the codepath might be different. > > > Anyway my ansible playbooks will see to it that this gets distributed > accross my systems. > > What would be a sane value ? 2400 ? > > I don't know, maybe a sssd developer will chime in. But it depends how > long you're prepared to wait for the DNS update to happen I guess. > > > Rob > > > > > > Op vr 19 apr. 2019 om 16:57 schreef François Cami <fc...@redhat.com>: > >> > >> On Fri, Apr 19, 2019 at 4:47 PM Rob Verduijn <rob.verdu...@gmail.com> > wrote: > >> > > >> > debug level 9 is really verbose, and I'm not sure what I'm looking for > >> > So far I found this > >> > > >> > [ipa_init_dyndns] Dynamic DNS updates are on. Checking for nsupdate... > >> > [ipa_init_dyndns] (0x0100): nsupdate is available > >> > [ipa_dyndns_init] (0x0040): Dyndns task can't be started, > dyndns_refresh_interval is 0 > >> > [ipa_init_dyndns] (0x0080): Failure setting up automatic DNS update > >> > > >> > What causes this ? > >> > >> There's a timer, I think. What happens if you wait a bit? > >> Can you compare to another host? > >> > >> > Rob > >> > > >> > Op vr 19 apr. 2019 om 16:27 schreef François Cami <fc...@redhat.com>: > >> >> > >> >> Hi, > >> >> > >> >> On Fri, Apr 19, 2019 at 4:00 PM Rob Verduijn via FreeIPA-users > >> >> <freeipa-users@lists.fedorahosted.org> wrote: > >> >> > > >> >> > Hello, > >> >> > > >> >> > I have this laptop that is an ipa domain member. > >> >> > And the login/sudo/automount all works fine. > >> >> > However the dns entries of the laptop are not updated when the > laptop starts up and gets a new ipaddress. > >> >> > > >> >> > I've looked in several configs and compared to other systems that > work but can't seem to find it. > >> >> > > >> >> > Anybody got an idea where to look ? > >> >> > >> >> Please enable debug mode in sssd. > >> >> debug_level = 9 > >> >> should be enough, in the domain section of sssd.conf. > >> >> Restart sssd and then make sure the laptop gets a new address on > startup. > >> >> > >> >> François > >> >> > >> >> > Rob > >> >> > > >> >> > my sssd.conf > >> >> > [domain/example.com] > >> >> > id_provider = ipa > >> >> > ipa_server = _srv_, freeipa01.example.com > >> >> > ipa_domain = example.com > >> >> > ipa_hostname = laptop.example.com > >> >> > auth_provider = ipa > >> >> > chpass_provider = ipa > >> >> > access_provider = ipa > >> >> > cache_credentials = True > >> >> > ldap_tls_cacert = /etc/ipa/ca.crt > >> >> > dyndns_update = True > >> >> > dyndns_iface = * > >> >> > krb5_store_password_if_offline = True > >> >> > autofs_provider = ipa > >> >> > ipa_automount_location = laptop > >> >> > [sssd] > >> >> > services = nss, pam, ssh, sudo, autofs > >> >> > domains = example.com > >> >> > [nss] > >> >> > homedir_substring = /home > >> >> > [pam] > >> >> > [sudo] > >> >> > [autofs] > >> >> > [ssh] > >> >> > [pac] > >> >> > [ifp] > >> >> > [secrets] > >> >> > [session_recording] > >> >> > > >> >> > > >> >> > _______________________________________________ > >> >> > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > >> >> > To unsubscribe send an email to > freeipa-users-le...@lists.fedorahosted.org > >> >> > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > >> >> > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > >> >> > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org