In the following scenario:
The last step fails with:
2013-02-25T16:15:04Z DEBUG [1/9]: adding NS record to the zone 2013-02-25T16:15:04Z DEBUG raw: dnsrecord_add(u'example.com', u'@', nsrecord=u'a.example.com.', force=True) 2013-02-25T16:15:04Z DEBUG dnsrecord_add(u'example.com', u'@', a_extra_create_reverse=False, aaaa_extra_create_reverse=False, nsrecord=(u'a.example.com.',), force=True, structured=False, all=False, raw=False) 2013-02-25T16:15:04Z INFO File "/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py", line 612, in run_script return_value = main_function() File "/sbin/ipa-dns-install", line 238, in main bind.create_instance() File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 509, in create_instance self.start_creation() File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 362, in start_creation method() File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 585, in __add_self_ns add_ns_rr(self.domain, api.env.host, self.dns_backup, force=True) File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 325, in add_ns_rr force=force) File "/usr/lib/python2.7/site-packages/ipaserver/install/bindinstance.py", line 304, in add_rr api.Command.dnsrecord_add(unicode(zone), unicode(name), **addkw) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 435, in __call__ ret = self.run(*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 747, in run return self.execute(*args, **options) File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 1036, in execute self._exc_wrapper(keys, options, ldap.add_entry)(dn, entry_attrs) File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 957, in wrapped return func(*call_args, **call_kwargs) File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 965, in exc_func self, keys, options, e, call_func, *args, **kwargs) File "/usr/lib/python2.7/site-packages/ipalib/plugins/dns.py", line 2461, in exc_callback ldap.update_entry(dn, entry_attrs, **call_kwargs) File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 1594, in update_entry self.conn.modify_s(dn, modlist) File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__ self.gen.throw(type, value, traceback) File "/usr/lib/python2.7/site-packages/ipaserver/ipaldap.py", line 916, in error_handler raise errors.ObjectclassViolation(info=info) 2013-02-25T16:15:04Z INFO The ipa-dns-install command failed, exception: ObjectclassViolation: missing attribute "idnsSOAserial" required by object class "idnsZone"
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=918259
Since SOA serial autoincrement was added ([changeset:9d69db8 here]), we don't replicate the idnsSOAserial attribute. This means that the attribute is missing in DNS zones replicated from other masters, but since the attribute is required, any attempt to modify the "@" record of such zones will fail with !ObjectclassViolation.
This should be fixed once we have DS plugin to manage idnsSOAserial, as described in #3347.
Ticket #3347 closed, closing this one as well.
master:[[BR]] b5b040e Configure ipa_dns DS plugin on install and upgrade[[BR]] 952a7ac Add 389 DS plugin for special idnsSOASerial attribute handling[[BR]]
ipa-3-1:[[BR]] 9cb2c75 Configure ipa_dns DS plugin on install and upgrade[[BR]] 6f395d9 Add 389 DS plugin for special idnsSOASerial attribute handling[[BR]]
Metadata Update from @jcholast: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 3.2 - 2013/03
Log in to comment on this ticket.