On 17/02/2022 12:44, Alexander Bokovoy wrote:
On to, 17 helmi 2022, lejeczek via FreeIPA-users wrote:
> On 16/02/2022 19:45, Rob Crittenden wrote:
>> lejeczek via FreeIPA-users wrote:
>>> @devel
>>>
>>> Hi guys.
>>>
>>> Not knowing nitty-gritty of the internals if it, I'd
>>> dare to suggest, as
>>> future enhancement perhaps, this:
>>>
>>> allow both types of zone, creation of the second type
>>> would fail if
>>> first is 'enabled' and the same would go for '-mod' -
>>> allow(and
>>> facilitate switch) enable only if other is
>>> disabled(certainly allow both
>>> to be 'disabled')
>>>
>>> that would certainly be handy bit from an admin point
>>> of view.
>> Can you provide more context to this question? Why do
>> you need to do
>> whatever it is you need to do with some sort of type of
>> zone? Is this
>> DNSSEC-related?
>>
>> By "both types" do you mean Country AND Western? [1]
>>
>> rob
>>
>> [1] See Brothers, Blue
>>
> Apologies.
>
> Quite trivial:
>
> -> $ ipa dnsforwardzone-add j.xyz. --forwarder=10.3.1.221
> --forwarder=10.3.1.222 --skip-overlap-check
> Server will check DNS forwarder(s).
> This may take some time, please wait ...
> ipa: ERROR: Only one zone type is allowed per zone name
>
> -> $ ipa dnszone-disable j.xyz.
> -------------------------------
> Disabled DNS zone "jatymy.xyz."
> -------------------------------
>
> and here, now 'dnsforwardzone-add' would/could succeed.
>
> Then only one 'type' of zone is allowed to be 'enabled'
> at any given time and both can be (obviously) disabled.
You either have an authoritative zone or forward it to
someone else.
There is no way to combine them together.
Yes. Did I suggest 'combine'? - I said, allow both types to
exist in IPA but, have only one be enabled at any given time.
thanks, L.