Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 24. Installing DNS on an existing IdM server

Install the DNS service on an Identity Management (IdM) server that was originally installed without it.

Prerequisites

Procedure

  1. Optional: Verify that DNS is not already installed on the IdM server. 

    [root@r8server ~]# ipa server-role-show r8server.idm.example.com
Role name: DNS server
  Server name: r8server.idm.example.com
  Role name: DNS server
  Role status: absent
    Copy to Clipboard Toggle word wrap

    The output confirms that IdM DNS is not available on the server.

  2. Enable the idm:DL1 stream: 

    [root@r8server ~]# yum module enable idm:DL1
    Copy to Clipboard Toggle word wrap

  3. Download the ipa-dns-server package and its dependencies: 

    [root@r8server ~]# yum module install idm:DL1/dns
    Copy to Clipboard Toggle word wrap

  4. Start the script to install DNS on the server: 

    [root@r8server ~]# ipa-dns-install
    Copy to Clipboard Toggle word wrap

    1. The script prompts for per-server DNS forwarders. 

      Do you want to configure DNS forwarders? [yes]:
      Copy to Clipboard Toggle word wrap

      • To configure per-server DNS forwarders, enter yes, and then follow the instructions on the command line. The installation process will add the forwarder IP addresses to the IdM LDAP.

        • For the forwarding policy default settings, see the --forward-policy description in the ipa-dns-install(1) man page.

      • If you do not want to use DNS forwarding, enter no.

        With no DNS forwarders, hosts in your IdM domain will not be able to resolve names from other, internal, DNS domains in your infrastructure. The hosts will only be left with public DNS servers to resolve their DNS queries.

    2. The script prompts to check if any DNS reverse (PTR) records for the IP addresses associated with the server need to be configured. 

      Do you want to search for missing reverse zones? [yes]:
      Copy to Clipboard Toggle word wrap

      If you run the search and missing reverse zones are discovered, the script asks you whether to create the reverse zones along with the PTR records. 

      Do you want to create reverse zone for IP 192.0.2.1 [yes]:
Please specify the reverse zone name [2.0.192.in-addr.arpa.]:
Using reverse zone(s) 2.0.192.in-addr.arpa.
      Copy to Clipboard Toggle word wrap
      Note

      Using IdM to manage reverse zones is optional. You can use an external DNS service for this purpose instead.

Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat