30장. Installing DNS on an existing IdM server

Procedure

1. Optional: On the IdM server, verify that DNS is not already installed:

   # ipa server-role-show server.idm.example.com
   Role name: DNS server
     Server name: server.idm.example.com
     Role name: DNS server
     Role status: absent

   The output confirms that IdM DNS is not available on the server.

2. Download the ipa-dns-server package and its dependencies:

   # dnf install ipa-server-dns

3. On the IdM server, start the script to install DNS on the server:

   # ipa-dns-install

   1. The script prompts for per-server DNS forwarders.

      Do you want to configure DNS forwarders? [yes]:

      • To configure per-server DNS forwarders, enter yes, and then follow the instructions on the command line. The installation process will add the forwarder IP addresses to the IdM LDAP.

        • For the forwarding policy default settings, see the --forward-policy description in the ipa-dns-install(1) man page.

      • If you do not want to use DNS forwarding, enter no.

        With no DNS forwarders, hosts in your IdM domain will not be able to resolve names from other, internal, DNS domains in your infrastructure. The hosts will only be left with public DNS servers to resolve their DNS queries.

   2. The script prompts to check if any DNS reverse (PTR) records for the IP addresses associated with the server need to be configured.

      Do you want to search for missing reverse zones? [yes]:

      If you run the search and missing reverse zones are discovered, the script asks you whether to create the reverse zones along with the PTR records.

      Do you want to create reverse zone for IP 192.0.2.1 [yes]:
      Please specify the reverse zone name [2.0.192.in-addr.arpa.]:
      Using reverse zone(s) 2.0.192.in-addr.arpa.

      참고

      Using IdM to manage reverse zones is optional. You can use an external DNS service for this purpose instead.