Red Hat SummitChapter 7. Managing DNS records in IdM
This chapter describes how to manage DNS records in RHEL Identity Management (IdM). As an IdM administrator, you can add, modify and delete DNS records in IdM.
Prerequisites
Your IdM deployment contains an integrated DNS server. For information how to install IdM with integrated DNS, see one of the following links:
- You understand what types of DNS records exist in IdM.
- You understand what options are available when adding, modifying and deleting the most common DNS resource record types in IdM.
7.1. Adding DNS resource records in the IdM Web UI
Follow this procedure to add DNS resource records in the RHEL Identity Management (IdM) Web UI.
Prerequisites
- The DNS zone to which you want to add a DNS record exists and is managed by IdM. For more information about creating a DNS zone in IdM DNS, see Managing DNS zones in IdM.
- You are logged in as IdM administrator.
Procedure
-
In the IdM Web UI, click
Network ServicesDNSDNS Zones. - Click the DNS zone to which you want to add a DNS record.
In the
DNS Resource Recordssection, click to add a new record.Figure 7.1. Adding a New DNS Resource Record
Select the type of record to create and fill out the other fields as required.
Figure 7.2. Defining a New DNS Resource Record
- Click to confirm the new record.
7.2. Adding DNS resource records from the IdM CLI
Follow this procedure to add a DNS resource record of any type from the command line (CLI).
Prerequisites
- The DNS zone to which you want to add a DNS records exists. For more information about creating a DNS zone in IdM DNS, see Managing DNS zones in IdM.
- You are logged in as IdM administrator.
Procedure
To add a DNS resource record, use the
ipa dnsrecord-addcommand. The command follows this syntax:ipa dnsrecord-add zone_name record_name --record_type_option=data
$ ipa dnsrecord-add zone_name record_name --record_type_option=dataCopy to Clipboard Copied! In the command above:
- The zone_name is the name of the DNS zone to which the record is being added.
- The record_name is an identifier for the new DNS resource record.
For example, to add an A type DNS record of host1 to the idm.example.com zone, enter:
ipa dnsrecord-add idm.example.com host1 --a-rec=192.168.122.123
$ ipa dnsrecord-add idm.example.com host1 --a-rec=192.168.122.123Copy to Clipboard Copied!
7.3. Deleting DNS records in the IdM Web UI
Follow this procedure to delete DNS records in RHEL Identity Management (IdM) using the IdM Web UI.
Prerequisites
- You are logged in as IdM administrator.
Procedure
-
In the IdM Web UI, click
Network ServicesDNSDNS Zones. - Click the zone from which you want to delete a DNS record, for example example.com..
In the
DNS Resource Recordssection, click the name of the resource record.Figure 7.3. Selecting a DNS Resource Record
- Select the check box by the name of the record type to delete.
Click
Delete.Figure 7.4. Deleting a DNS Resource Record
The selected record type is now deleted. The other configuration of the resource record is left intact.
7.4. Deleting an entire DNS record in the IdM Web UI
Follow this procedure to delete all the records for a particular resource in a zone using the RHEL Identity Management (IdM) Web UI.
Prerequisites
- You are logged in as IdM administrator.
Procedure
-
In the IdM Web UI, click
Network ServicesDNSDNS Zones. - Click the zone from which you want to delete a DNS record, for example zone.example.com..
-
In the
DNS Resource Recordssection, select the check box of the resource record to delete. Click .
Figure 7.5. Deleting an Entire Resource Record
The entire resource record is now deleted.
7.5. Deleting DNS records in the IdM CLI
Follow this procedure to remove DNS records from a zone managed by the RHEL Identity Management (IdM) DNS.
Prerequisites
- You are logged in as IdM administrator.
Procedure
To remove records from a zone, use the
ipa dnsrecord-delcommand and add the--recordType-recoption together with the record value. For example, to remove an A type record:ipa dnsrecord-del example.com www --a-rec 192.0.2.1
$ ipa dnsrecord-del example.com www --a-rec 192.0.2.1Copy to Clipboard Copied! If you run
ipa dnsrecord-delwithout any options, the command prompts for information about the record to delete. Note that passing the--del-alloption with the command removes all associated records for the zone.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}