dnsforwardzone issue

[mralph-rh]

RHEL 8 environement using Ansible 2.9. I am using dnsforwardzone to setup up the forwarder to an AD server so I can setup the AD trust. issue is that it shows up in the GUI as there, but on the ipa primary you can not do a dig and find the AD server. you can do a dig on the replica and see it. When i add it manually i never have this issue.

[rjeffman]

@mralph-rh dnsforwardzone uses the same APIs than CLI and GUI, so behavior should be the same (or nearly the same). Can you provide the code for the task that is not working?

[mralph-rh]

This issue has changed slightly. I have noticed this is inconsistent and sometimes it is the replica and sometimes it is the primary that fails to have the forward zone recognized. If it is the primary the trust fails to create and if it is the replica, then it cannot reach the trust.

• name: Set DNS forwardzone for AD ipadnsforwardzone: ipaadmin_password: "{{ admin_password }}" state: present name: "{{ ad_domain }}" forwarders:
  • ip_address: "{{ ad_ip }}" forwardpolicy: only skip_overlap_check: true
• name: Configure AD trust ipatrust: ipaadmin_password: "{{ admin_password }}" realm: "{{ ad_domain }}" admin: Administrator password: "{{ ad_password }}" state: present