Improve DNS zone creation

When a new DNS zone is being created a local hostname is set as a
nameserver of the new zone. However, when the zone is created
during ipa-replica-prepare, the the current master/replica doesn't
have to be an IPA server with DNS support. This would lead to DNS
zones with incorrect NS records as they wouldn't point to a valid
name server.

Now, a list of all master servers with DNS support is retrieved
during DNS zone creation and added as NS records for a new DNS
zone.

https://fedorahosted.org/freeipa/ticket/1261

1 files changed, 20 insertions, 0 deletions

diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py
index 42ca498c9..cc2e6e548 100644
--- a/ipalib/plugins/dns.py
+++ b/ipalib/plugins/dns.py
@@ -105,6 +105,7 @@ from ipalib import Flag, Int, List, Str, StrEnum
 from ipalib.plugins.baseldap import *
 from ipalib import _, ngettext
 from ipapython import dnsclient
+from ldap import explode_dn
 
 # supported resource record types
 _record_types = (
@@ -559,6 +560,25 @@ class dnsrecord(LDAPObject):
             cliname = attr
         return cliname
 
+    def get_dns_masters(self):
+        ldap = self.api.Backend.ldap2
+        base_dn = 'cn=masters,cn=ipa,cn=etc,%s' % self.api.env.basedn
+        ldap_filter = '(&(objectClass=ipaConfigObject)(cn=DNS))'
+        dns_masters = []
+
+        try:
+            entries = ldap.find_entries(filter=ldap_filter, base_dn=base_dn)[0]
+
+            for entry in entries:
+                master_dn = entry[0]
+                if master_dn.startswith('cn='):
+                    master = explode_dn(master_dn)[1].replace('cn=','')
+                    dns_masters.append(master)
+        except errors.NotFound:
+            return []
+
+        return dns_masters
+
 api.register(dnsrecord)