Unable to save Create Reverse DNS record for mydomain.com task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]: Unable to set DNS entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://mydomain.com:8443/dns

Apply to Katello,Satellite and Foreman

"Unable to save Create Reverse DNS record for mydomain.com task failed with the following error: ERF12-2357 [ProxyAPI::ProxyException]: Unable to set DNS entry ([RestClient::BadRequest]: 400 Bad Request) for proxy https://mydomain.com:8443/dns"

This is the network we are using for this example:

Network 192.168.122.x



The error we are getting is caused for a misspelling of the reverse zone resolution when we active the dns as you can see in this example the dns-reverse is 13.17.172 instead of 122.168.192

katello-installer -v --capsule-dns true --capsule-dns-interface eth0 --capsule-dns-zone example.com --capsule-dns-forwarders 192.168.122.4 --capsule-dns-reverse 13.17.172.in-addr.arpa

 Looking in the messages logs this is the error we get

named: client 127.0.0.1#51110/key rndc-key: signer "rndc-key" approved

named: client 127.0.0.1#51110/key rndc-key: updating zone 'example.com/IN': adding an RR at 'test.example.com' A

named: client 127.0.0.1#56707/key rndc-key: update '168.192.IN-ADDR.ARPA/IN' denied

named: client 127.0.0.1#28443/key rndc-key: signer "rndc-key" approved

named: client 127.0.0.1#28443/key rndc-key: updating zone 'example.com/IN': deleting rrset at 'test.example.com' A


After correct the reverse zone as expected.

katello-installer -v --capsule-dns true --capsule-dns-interface eth0 --capsule-dns-zone example.com --capsule-dns-forwarders 192.168.122.4 --capsule-dns-reverse 13.17.172.in-addr.arpa


All is working as  now

named: client 127.0.0.1#24069/key rndc-key: updating zone 'example.com/IN': adding an RR at 'test.example.com' A

named: client 127.0.0.1#60420/key rndc-key: updating zone '122.168.192.in-addr.arpa/IN': adding an RR at '200.122.168.192.in-addr.arpa' PTR

named: client 127.0.0.1#46716/key rndc-key: updating zone 'example.com/IN': deleting rrset at 'test.example.com' A

named: client 127.0.0.1#11584/key rndc-key: updating zone '122.168.192.in-addr.arpa/IN': deleting rrset at '200.122.168.192.in-addr.arpa' PTR

Comments

Post a Comment

Popular posts from this blog

How to clean all the foreman task and locked task

1.- First make su to postgres user su -s /bin/bash - postgres  2.-Execute psql psql  3.- connect to the foreman database \c foreman;  4.- Delete all the foreman task and foreman task locks delete from foreman_tasks_tasks;  delete from foreman_tasks_locks;  5.- Quit from postgres and exit \q  exit  6. Restart all the services for s in {qpidd,pulp_celerybeat,pulp_ resource_manager,pulp_workers, httpd}; do sudo service $s restart; done  Update in todays foreman you can clean the task using the following command: foreman-rake foreman_tasks:cleanup
Read more

How to restrict users to send only mail to the local domain in Zimbra

How to restrict users to send only mail to the local domain in Zimbra 1. Open file /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf and add this line below reject_non_fqdn_recipient. This is example on my system permit_sasl_authenticated check_sender_access lmdb:/opt/zimbra/postfix/conf/restricted_senders permit_mynetworks 2. Open file /opt/zimbra/conf/zmconfigd.cf and add those lines before RESTART mta. This is example on my system POSTCONF smtpd_restriction_classes local_only POSTCONF local_only FILE postfix_check_recipient_access.cf RESTART mta 3. Create a file /opt/zimbra/conf/postfix_check_recipient_access.cf and add the following line.  check_recipient_access lmdb:/opt/zimbra/postfix/conf/local_domains, reject 4. Create a file "/opt/zimbra/postfix/conf/restricted_senders" and list all the users, whom you want to restrict. Follow this syntax: user@yourdomain.com local_only 5. Create a file "/opt/zimb...
Read more

Hardening Script

#!/bin/bash function set_parameter { sed -i -e "s|^$2.*|$2$3|" $1 egrep "^$2*" $1 > /dev/null ||echo "$2$3" >> $1 } #--------------------------------------------------------------------------------------------------------------- function add_line { egrep "^$2" $1 > /dev/null || echo "$2" >> $1 } #--------------------------------------------------------------------------------------------------------------- echo '# This file contains the auditctl rules that are loaded # whenever the audit daemon is started via the initscripts. # The rules are simply the parameters that would be passed # to auditctl. # First rule - delete all -D # Increase the buffers to survive stress events. # Make this bigger for busy systems -b 8192 # Feel free to add below this line. See auditctl man page -a always,exit -F arch=b32 -S adjtimex -S settimeofday -S stime -k timechange ...
Read more