Creating our 1st DNS zones and DNS record in IPA Server


IPA Server: In our last guide, the first in this series, we saw how to set up an IdM server on Red Hat Enterprise Linux 7 using IPA. In this guide, let’s create our reverse zone and the first DNS entry for one of the servers.

During the initial setup we used the auto-reverse option to create the reverse zone. If it was not created, or if you need to create a different zone, let’s see how to do that.

Abbreviations Used

  • GUI: Graphical User Interface
  • CLI: Command Line Interface
  • PTR: Pointer Record or Reverse Record
  • FQDN: Fully Qualified Domain Name

Step 1: Create Reverse DNS Zone from GUI.

To create the reverse DNS zone, click “Network Services” in the top menu.

creating DNS zone in IPA server

Then select DNS Zones to list the existing zones. In our setup we can see “linuxsysadmins.local”, which we created during the initial setup.

IPA DNS server zone creation

To create a reverse zone, click “Add” in the top-right corner.

Add DNS reverse zone in IDM server

A window pops up to create the reverse zone. Enter the IP range including the subnet and click “Add” to create the reverse zone.

IPA server PTR record auto creation

Clicking DNS Zones now lists the existing zone along with the newly created reverse zone, which is ready to use.

List created PTR zone in Red Hat IPA server

Network Services –> DNS Zones –> Add –> Reverse Zone IP Network –> Add.

Step 1:1 Create a new DNS Zone with Reverse lookup from CLI.

To create a DNS zone from the command line, use the “ipa” command with the available options and arguments. Let’s create a new zone along with a reverse zone.

# ipa dnszone-add nixsysadmins.local
# ipa dnszone-add
Create a DNS zone using IPA command

To confirm, navigate to Network Services –> DNS –> DNS zones; the new zones are listed there, as shown in the figure.

DNS zones created from IPA command line

It’s super easy to create from CLI though.

Step 2: Creating the first DNS entry in the IPA server (GUI).

To create our first DNS entry click on the existing zone “.local“.

Creating a DNS record in a zone

Then enter the details to create the DNS entry.

Adding DNS Resource Record
  1. Click “Add” to start creating the DNS record.
  2. Enter the record name that should resolve to an IP address, here “docker”.
  3. Choose the record type “A” (points the hostname to an IP address).
  4. Enter the IP address the name should resolve to.
  5. Tick the option to create a reverse (PTR) record without additional steps.
  6. Click “Add” to create the DNS entry.

Once created it will be listed in DNS resource record page.

Created DNS record in a zone

Checking “Create Reverse” creates the PTR record as well. Let us verify and confirm this.

Verify DNS PTR record creation

Network Services –> DNS –> DNS Zones –> Click on

Click on PTR record to get more information.

  1. Click on Reverse Zone (
  2. Record name used for reverse lookup.
  3. Record type (PTR).
  4. IP address resolves an FQDN.

Step 2:1 Creating the first DNS entry in the IPA server (CLI).

To create a new DNS record from the CLI, use the “ipa” command. First create the forward lookup record, then create the PTR record.

# ipa dnsrecord-add nixsysadmins.local repo --a-rec
# ipa dnsrecord-add 10 --ptr-rec repo.nixsysadmins.local
Create DNS records using IPA command from CLI

Verify by clicking the created forward and reverse entries in the graphical interface.

Created forward lookup DNS record
DNS PTR record created using IPA command from CLI

We have successfully created a DNS entry from IPA CLI.
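
The record name “10” in the PTR command above is the part of the IP address that the reverse zone name does not already cover. As an added example (not from the original article), this script derives both names for an octet-aligned IPv4 prefix and prints the matching commands; the address 192.168.1.10/24 and the function names are assumptions made for illustration.

```shell
# Added example: derive the reverse zone and PTR record name for an IPv4 address.
# 192.168.1.10/24 is a constructed sample; the function names are illustrative.

# split_ip IP: validate a dotted quad and set o1..o4; returns 1 if malformed.
split_ip() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "$o" -le 255 ] || return 1
    done
    o1=$1 o2=$2 o3=$3 o4=$4
}

# reverse_zone IP PREFIX: zone name for a /8, /16 or /24 network.
reverse_zone() {
    split_ip "$1" || return 1
    case $2 in
        8)  echo "$o1.in-addr.arpa." ;;
        16) echo "$o2.$o1.in-addr.arpa." ;;
        24) echo "$o3.$o2.$o1.in-addr.arpa." ;;
        *)  return 1 ;;   # other prefixes do not map to one in-addr.arpa zone
    esac
}

# ptr_name IP PREFIX: record name inside that zone (host octets, reversed).
ptr_name() {
    split_ip "$1" || return 1
    case $2 in
        8)  echo "$o4.$o3.$o2" ;;
        16) echo "$o4.$o3" ;;
        24) echo "$o4" ;;
        *)  return 1 ;;
    esac
}

# record_commands ZONE HOST IP PREFIX: print the forward and reverse commands.
record_commands() {
    rz=$(reverse_zone "$3" "$4") || return 1
    pn=$(ptr_name "$3" "$4") || return 1
    echo "ipa dnsrecord-add $1 $2 --a-rec $3"
    echo "ipa dnsrecord-add $rz $pn --ptr-rec $2.$1."   # target as absolute FQDN
}

record_commands nixsysadmins.local repo 192.168.1.10 24
```

The script only prints the commands; review them before running them on the IPA server.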

Step 3: Configure Static IP and resolve DNS name.

Configure the IP address on any physical or virtual machine to verify the DNS.

In the figure below, we can see the transient hostname “docker.linuxsysadmins.local”.

Created DNS record resolves an IP address

Additional Zone/Subnet resolution

If you plan to set up an additional zone in the future, or need to reach a different subnet, make the changes below.

DNS lookups will not be forwarded if they originate in a subnet not managed by IPA. Configure the DNS server to allow recursion by default.

Once recursion is enabled, the server will forward requests even from subnets it does not control.

allow-recursion { any; };

To make the changes effective, restart the service.

[root@idm1 ~]# ipactl restart
Restarting Directory Service
Restarting krb5kdc Service
Restarting kadmin Service
Restarting named Service
Restarting httpd Service
Restarting ipa-custodia Service
Restarting pki-tomcatd Service
Restarting ipa-otpd Service
Restarting ipa-dnskeysyncd Service
ipa: INFO: The ipactl command was successful
[root@idm1 ~]#
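
With allow-recursion set to any, the server answers recursive queries for every client that can reach it, so the list is normally scoped to the subnets that need it. An added example, not part of the original article: a shell check that classifies the allow-recursion list in a BIND options file; the two sample files, the “trusted” ACL and its subnets are constructed.

```shell
#!/bin/sh
# Added example: classify the allow-recursion scope in a BIND options file.
# The two config files written below are constructed samples.

# recursion_list FILE: print the allow-recursion match list, one element per line.
# Handles // and # comments; nested { } inside the list are not supported.
recursion_list() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n' ' ' |
        sed -n 's/.*allow-recursion[[:space:]]*{\([^}]*\)}.*/\1/p' |
        tr ';' '\n' |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d'
}

# recursion_verdict FILE: print open, restricted, or default (statement absent).
recursion_verdict() {
    list=$(recursion_list "$1")
    if [ -z "$list" ]; then
        echo "default"   # with no related ACL set, BIND uses localnets; localhost;
        return 0
    fi
    for element in $list; do
        case $element in
            any|0.0.0.0/0|::/0) echo "open"; return 0 ;;
        esac
    done
    echo "restricted"
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

cat > "$tmp/open.conf" <<'EOF'
options {
    allow-recursion { any; };   // the setting shown in this article
};
EOF

cat > "$tmp/scoped.conf" <<'EOF'
acl "trusted" { 192.168.1.0/24; 10.0.2.0/24; };   # constructed subnets
options {
    allow-recursion { "trusted"; localhost; };
};
EOF

for f in open scoped; do
    printf '%s.conf: %s\n' "$f" "$(recursion_verdict "$tmp/$f.conf")"
done
```

Call recursion_verdict with the path of the server's own options file to check a live configuration; the scoped sample shows the form that lists only the additional subnets.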

That’s it, we have successfully created DNS zones and DNS records from the GUI and CLI in an IPA server.


We have seen two ways of creating DNS zones and DNS records in an IPA server; let’s see more in the next topic. Subscribe with us to get more related topics through email.
