When a new DNS zone (reverse/forward) is created by ipa-replica-prepare and the zone is not managed by IPA yet, a new zone is automatically created.
However, the zone nameserver is set to the current hostname, which doesn't have to have bind installed (e.g. a replica for a bind-powered master).
Right now, I see 2 possible solutions:
1. Fix ipa-replica-prepare to get a list of DNS powered masters (this would have to be implemented) and add them to NS for the new zone
2. Forbid automatic creation of DNS zone in ipa-replica-prepare as we do in ipa host-add $HOST --ip-address=$IP_ADDRESS and let the administrator properly create the DNS zone first
Ad 1: a search for cn=masters,cn=ipa,cn=etc,$SUFFIX should do the trick
master: f215089
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.1 - 2011/06