Hi folks, I am confused: Setting up a new freeipa service (CentOS 7.5) using ipa-server-install or ipa-dns-install it asks me Do you want to search for missing reverse zones? [yes]: yes But then it did not create a reverse zone :-( This doesn't look like https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/... Is this a good thing? How can I tell ipa-dns-install to create a reverse zone, no matter what? Every helpful comment is highly appreciated. Harri ------------------------------------------------------------------------- [root@idms01 centos]# ls -al /etc/resolv.conf ls: cannot access /etc/resolv.conf: No such file or directory [root@idms01 centos]# ipa-dns-install The log file for this installation can be found in /var/log/ipaserver-install.log ============================================================================== This program will setup DNS for the IPA Server. This includes: * Configure DNS (bind) * Configure SoftHSM (required by DNSSEC) * Configure ipa-dnskeysyncd (required by DNSSEC) NOTE: DNSSEC zone signing is not enabled by default To accept the default shown in brackets, press the Enter key. Do you want to configure DNS forwarders? [yes]: Following DNS servers are configured in /etc/resolv.conf: 127.0.0.1 Do you want to configure these servers as DNS forwarders? [yes]: no Enter an IP address for a DNS forwarder, or press Enter to skip: 1.1.1.1 DNS forwarder 1.1.1.1 added. You may add another. Enter an IP address for a DNS forwarder, or press Enter to skip: Checking DNS forwarders, please wait ... Do you want to search for missing reverse zones? [yes]: yes The following operations may take some minutes to complete. Please wait until the prompt is returned. Configuring DNS (named) [1/8]: generating rndc key file [2/8]: setting up our own record [3/8]: adding NS record to the zones [4/8]: setting up kerberos principal [5/8]: setting up named.conf [6/8]: setting up server configuration [7/8]: configuring named to start on boot [8/8]: changing resolv.conf to point to ourselves Done configuring DNS (named). Restarting the web server to pick up resolv.conf changes Configuring DNS key synchronization service (ipa-dnskeysyncd) [1/7]: checking status [2/7]: setting up bind-dyndb-ldap working directory [3/7]: setting up kerberos principal [4/7]: setting up SoftHSM [5/7]: adding DNSSEC containers [6/7]: creating replica keys [7/7]: configuring ipa-dnskeysyncd to start on boot Done configuring DNS key synchronization service (ipa-dnskeysyncd). Restarting ipa-dnskeysyncd Restarting named Updating DNS system records ============================================================================== Setup complete Global DNS configuration in LDAP server is empty You can use 'dnsconfig-mod' command to set global DNS options that would override settings in local named.conf files You must make sure these network ports are open: TCP Ports: * 53: bind UDP Ports: * 53: bind