Home / server / Questions / 973597
In Process
Michael Moser
Asked: 2019-07-02 10:46:14 +0800 CST

sssd dynamically update DNS

  • 772

I am trying to figure out how to get SSSD to dynamically update DNS for different domains on a per NIC basis.

For instance if I have a server named host.corp.example.com that has 2 NIC's.

I would like the first NIC to use DDNS to update NIC1's DNS entries to reflect host.corp.example.com. However for NIC 2 I want to try and get it to register in DNS as host.management.example.com.

Both management.example.com and corp.example.com are served by the same kerberos domain (Either AD or IPA)

The conundrum I face is that the hostname is determined by system hostname or the ipa_hostname value in sssd.conf. Because those values are required to be fully qualified I can't simply append the DNS domain suffix to the host portion to dynamically generate the FQDN.

I've seen people write nsupdate scripts, which I'd like to avoid having to implement in an environment of almost 1,000 servers.

My question is simply: Is there an easy way native to sssd to accomplish the above?

domain-name-system

2 Answers

  1. Suggest to keep sssd out of the equation for one interface and configure that with isc dhcpd ddns updates and a host entry.

    host nfs {
     hardware ethernet 52:54:00:66:f8:32;
     ddns-hostname "nfs";
     ddns-domainname "corp.example.com";
}

    The isc dhcp server is the standard server in FreeIPA, and should already be configured to be able to update the bind zones.

    • 1

  2. If dhcpd & bind cannot be used, and this dynamic updates are required, then multiple [domain] sections with according configuration could do the job.

    https://jhrozek.fedorapeople.org/sssd/1.10.0/sssd-ad.5.html

    dyndns_iface (string)

    Optional. Applicable only when dyndns_update is true. Choose the interface whose IP address should be used for dynamic DNS updates.

    Default: Use the IP address of the AD LDAP connection
    • 0