1ipa-dns-install(1)           FreeIPA Manual Pages           ipa-dns-install(1)
2
3
4

NAME

6       ipa-dns-install - Add DNS as a service to an IPA server
7

SYNOPSIS

9       ipa-dns-install [OPTION]...
10

DESCRIPTION

12       Configure  an integrated DNS server on this IPA server, create DNS zone
13       with the name of the IPA primary DNS domain, and fill it in  with  ser‐
14       vice  records  necessary  for  IPA  deployment.  In cases where the IPA
15       server name does not belong to  the  primary  DNS  domain  and  is  not
16       resolvable  using DNS, create a DNS zone containing the IPA server name
17       as well.
18
19       IPA provides an integrated DNS server which can be used to simplify IPA
20       deployment.  If  you  decide to use it, IPA will automatically maintain
21       SRV and other service records when you change your topology.
22
23       The DNS component in FreeIPA is optional and you may choose  to  manage
24       all  your  DNS  records manually on another third party DNS server. IPA
25       DNS is not a general-purpose DNS server. If you need advanced  features
26       like DNS views, do not deploy IPA DNS.
27
28       This  command requires that an IPA server is already installed and con‐
29       figured.
30
31

OPTIONS

33       -d, --debug
34              Enable debug logging when more verbose output is needed
35
36       --ip-address=IP_ADDRESS
37              The IP address of the IPA server. If not provided then  this  is
38              determined based on the hostname of the server.  This option can
39              be used multiple times to  specify  more  IP  addresses  of  the
40              server (e.g. multihomed and/or dualstacked server).
41
42       --forwarder=FORWARDER
43              A  forwarder  is  a  DNS  server  where  queries  for a specific
44              non-resolvable address can be directed. To define multiple  for‐
45              warders use multiple instances of --forwarder
46
47       --no-forwarders
48              Do  not add any DNS forwarders, send non-resolvable addresses to
49              the DNS root servers.
50
51       --auto-forwarders
52              Add DNS forwarders configured in /etc/resolv.conf to the list of
53              forwarders used by IPA DNS.
54
55       --forward-policy=first|only
56              DNS  forwarding  policy  for  global  forwarders specified using
57              other options.  Defaults to first if no IP address belonging  to
58              a  private  or  reserved  ranges is detected on local interfaces
59              (RFC 6303).  Defaults  to  only  if  a  private  IP  address  is
60              detected.
61
62       --reverse-zone=REVERSE_ZONE
63              The  reverse  DNS  zone to use. This option can be used multiple
64              times to specify multiple reverse zones.
65
66       --no-reverse
67              Do not create new reverse DNS zone. If used on a replica  and  a
68              reverse DNS zone already exists for the subnet, it will be used.
69
70       --auto-reverse
71              Try  to  resolve reverse records and reverse zones for server IP
72              addresses and if neither is  resolvable  creates  these  reverse
73              zones.
74
75       --no-dnssec-validation
76              Disable DNSSEC validation on this server.
77
78       --dnssec-master
79              Setup server to be DNSSEC key master.
80
81       --disable-dnssec-master
82              Disable the DNSSEC master on this server.
83
84       --kasp-db=KASP_DB
85              Copy  OpenDNSSEC  metadata from the specified kasp.db file. This
86              will not create a new kasp.db file.
87
88       --zonemgr
89              The e-mail address of the DNS zone manager. Defaults to hostmas‐
90              ter@DOMAIN
91
92       --allow-zone-overlap
93              Allow  creatin  of  (reverse)  zone  even if the zone is already
94              resolvable. Using this option is discouraged  as  it  result  in
95              later problems with domain name resolution.
96
97       -U, --unattended
98              An unattended installation that will never prompt for user input
99

DEPRECATED OPTIONS

101       -p DM_PASSWORD, --ds-password=DM_PASSWORD
102              The  password  to be used by the Directory Server for the Direc‐
103              tory Manager user
104

EXIT STATUS

106       0 if the installation was successful
107
108       1 if an error occurred
109
110
111
112FreeIPA                          Jun 28, 2012               ipa-dns-install(1)
Impressum