Работа с DNS записями из CLI
Получаем Kerberos tiket
[admin@ipa1 ~]$ kinit admin
Password for admin@VIRTLAB.LOCAL:
[admin@ipa1 ~]$ klist
Ticket cache: KCM:1000
Default principal: admin@VIRTLAB.LOCAL
Valid starting Expires Service principal
02/01/2023 16:29:05 02/02/2023 15:56:54 krbtgt/VIRTLAB.LOCAL@VIRTLAB.LOCAL
Просмотр списка DNS зон
[admin@ipa1 ~]$ ipa dnszone-find
Zone name: virtlab.local.
Active zone: True
Authoritative nameserver: ipa1.virtlab.local.
Administrator e-mail address: hostmaster.virtlab.local.
SOA serial: 1675071332
SOA refresh: 3600
SOA retry: 900
SOA expire: 1209600
SOA minimum: 3600
BIND update policy: grant VIRTLAB.LOCAL krb5-self * A; grant VIRTLAB.LOCAL krb5-self * AAAA; grant VIRTLAB.LOCAL krb5-self * SSHFP;
Dynamic update: True
Allow query: any;
Allow transfer: none;
----------------------------
Number of entries returned 1
----------------------------
Поиск записи в DNS зоне virtlab.local.
[admin@ipa1 ~]$ ipa dnsrecord-find virtlab.local. --name ipa1
Record name: ipa1
A record: 192.168.100.11
SSHFP record: 1 1 619560D77A48B6E1806F85F41B5B91E691728D25, 1 2 5581D80194C3789E258BC71633FABBE57C191B17890E8E6E0997B283 0C0D082B, 3 1 FA542A263DA3DA04B56124FC3E42EABAB4C6BEDB, 3 2
4BE86047FECFE9CAD0402327FA13A264DDCBC66112D97D497D304696 9FBFAD22, 4 1 BEEB5EEA89E3C32494632C20C3E11F29E52BBC9F, 4 2 48E3545B2A5472092BF5CF4AD5B4B1B82B8FB91BA2BE9FB24B31175A C89950AE
----------------------------
Number of entries returned 1
----------------------------
Добавление A-записи
[admin@ipa1 ~]$ ipa dnsrecord-add virtlab.local. test --a-rec 192.168.8.8
Record name: test
A record: 192.168.8.8
Удаление A-записи
[admin@ipa1 ~]$ ipa dnsrecord-del virtlab.local. test --a-rec 192.168.8.8
---------------------
Deleted record "test"
---------------------