[Freeipa-users] Re: IPA-clients fail to update DNS: "response to GSS-TSIG query was unsuccessful"

Still true. :-) # ipa dnszone-show dev.mcs.az-eastus2.mob.nuance.com --all dn: idnsname=dev.mcs.az-eastus2.mob.nuance.com .,cn=dns,dc=mob,dc=nuance,dc=com Zone name: dev.mcs.az-eastus2.mob.nuance.com. Active zone: TRUE Managedby permission: cn=Manage DNS zone

[Freeipa-users] Re: IPA-clients fail to update DNS: "response to GSS-TSIG query was unsuccessful"

I meant dynamic updates in zone config. ipa dnszone-show dev.mcs.az-eastus2.mob.nuance.com --all On 06.06.2017 19:08, Josh Pavel wrote: Dynamic updates are enabled: dynamic-db "ipa" { library "ldap.so"; arg "uri

[Freeipa-users] Re: IPA-clients fail to update DNS: "response to GSS-TSIG query was unsuccessful"

Dynamic updates are enabled: dynamic-db "ipa" { library "ldap.so"; arg "uri ldapi://%2fvar%2frun%2fslapd-MOB-NUANCE-COM.socket"; arg "base cn=dns, dc=mob,dc=nuance,dc=com"; arg "server_id freeipa-01.dev.mcs.az-eastus2.mob.nuance.com"; arg "auth_method sasl"; arg "sasl_mech GSSAPI"; arg

[Freeipa-users] Re: IPA-clients fail to update DNS: "response to GSS-TSIG query was unsuccessful"

On 06.06.2017 13:00, Martin Bašti via FreeIPA-users wrote: On 05.06.2017 20:39, Josh Pavel via FreeIPA-users wrote: I have a setup with 2 zones: My IPA realm is mob.nuance.com My first IPA server was built out with the DNS zone prod.mcs.som.mob.nuance.com

[Freeipa-users] Re: IPA-clients fail to update DNS: "response to GSS-TSIG query was unsuccessful"

On 05.06.2017 20:39, Josh Pavel via FreeIPA-users wrote: I have a setup with 2 zones: My IPA realm is mob.nuance.com My first IPA server was built out with the DNS zone prod.mcs.som.mob.nuance.com My second IPA server is in a DNS