Работа с DNS записями из CLI

Получаем Kerberos tiket

[admin@ipa1 ~]$ kinit admin
Password for admin@VIRTLAB.LOCAL:
 
[admin@ipa1 ~]$ klist
Ticket cache: KCM:1000
Default principal: admin@VIRTLAB.LOCAL
 
Valid starting       Expires              Service principal
02/01/2023 16:29:05  02/02/2023 15:56:54  krbtgt/VIRTLAB.LOCAL@VIRTLAB.LOCAL

Просмотр списка DNS зон

[admin@ipa1 ~]$ ipa dnszone-find
  Zone name: virtlab.local.
  Active zone: True
  Authoritative nameserver: ipa1.virtlab.local.
  Administrator e-mail address: hostmaster.virtlab.local.
  SOA serial: 1675071332
  SOA refresh: 3600
  SOA retry: 900
  SOA expire: 1209600
  SOA minimum: 3600
  BIND update policy: grant VIRTLAB.LOCAL krb5-self * A; grant VIRTLAB.LOCAL krb5-self * AAAA; grant VIRTLAB.LOCAL krb5-self * SSHFP;
  Dynamic update: True
  Allow query: any;
  Allow transfer: none;
----------------------------
Number of entries returned 1
----------------------------

Поиск записи в DNS зоне virtlab.local.

[admin@ipa1 ~]$ ipa dnsrecord-find virtlab.local. --name ipa1
  Record name: ipa1
  A record: 192.168.100.11
  SSHFP record: 1 1 619560D77A48B6E1806F85F41B5B91E691728D25, 1 2 5581D80194C3789E258BC71633FABBE57C191B17890E8E6E0997B283 0C0D082B, 3 1 FA542A263DA3DA04B56124FC3E42EABAB4C6BEDB, 3 2
                4BE86047FECFE9CAD0402327FA13A264DDCBC66112D97D497D304696 9FBFAD22, 4 1 BEEB5EEA89E3C32494632C20C3E11F29E52BBC9F, 4 2 48E3545B2A5472092BF5CF4AD5B4B1B82B8FB91BA2BE9FB24B31175A C89950AE
----------------------------
Number of entries returned 1
----------------------------

Добавление A-записи

[admin@ipa1 ~]$ ipa dnsrecord-add virtlab.local. test --a-rec 192.168.8.8
  Record name: test
  A record: 192.168.8.8

Удаление A-записи

[admin@ipa1 ~]$ ipa dnsrecord-del virtlab.local. test --a-rec 192.168.8.8
---------------------
Deleted record "test"
---------------------