From 34fc447c00189d53ccf44184cfd5ed48cde6bf86 Mon Sep 17 00:00:00 2001 From: Petr Spacek Date: Wed, 2 Apr 2014 11:04:07 +0200 Subject: Add wait_for_dns option to default.conf. This option makes record changes in DNS tree synchronous. IPA calls will wait until new data are visible over DNS protocol or until timeout. It is intended only for testing. It should prevent tests from failing if there is bigger delay between changes in LDAP and DNS. Reviewed-By: Petr Viktorin --- ipa-client/man/default.conf.5 | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'ipa-client') diff --git a/ipa-client/man/default.conf.5 b/ipa-client/man/default.conf.5 index 5d5a48db6..c1ccf109e 100644 --- a/ipa-client/man/default.conf.5 +++ b/ipa-client/man/default.conf.5 @@ -178,6 +178,15 @@ Used internally in the IPA source package to verify that the API has not changed .B verbose When True provides more information. Specifically this sets the global log level to "info". .TP +.B wait_for_dns +Controls whether the IPA commands dnsrecord\-{add,mod,del} work synchronously or not. The DNS commands will repeat DNS queries up to the specified number of attempts until the DNS server returns an up-to-date answer to a query for modified records. Delay between retries is one second. +.IP +The DNS commands will raise a DNSDataMismatch exception if the answer doesn't match the expected value even after the specified number of attempts. +.IP +The DNS queries will be sent to the resolver configured in /etc/resolv.conf on the IPA server. +.IP +Do not enable this in production! This will cause problems if the resolver on IPA server uses a caching server instead of a local authoritative server or e.g. if DNS answers are modified by DNS64. The default is disabled (the option is not present). +.TP .B xmlrpc_uri Specifies the URI of the XML\-RPC server for a client. This may be used by IPA, and is used by some external tools, such as ipa\-getcert. Example: https://ipa.example.com/ipa/xml .TP -- cgit