Unable to create reverse lookup record on a Windows Active Directory server. #141

Open
jtn70 opened this issue May 31, 2021 · 4 comments
@jtn70

jtn70 commented May 31, 2021

Provider, Resource and locals used:

provider "dns" {
  update {
    server = "dc.test.com"
    gssapi {
      realm = "TEST.COM"
    }
  }
}

resource "dns_ptr_record" "rdnsrec" {
  for_each = local.vm_settings
  zone     = "10.in-addr.arpa."
  name     = each.value.ipaddress
  ptr      = "${each.key}.test.com."
}

locals {
  vm_settings = {
    "ubuntutest" = { cpu = 2, memory = 2048, osdisk = 40, datadisk = 0, network = "...", ipaddress = "10.x.x.x", netmask = 24, gateway = "10.x.x.1" },
    ....
  }
}

The error message that is received is:
Error: Error updating DNS record: unexpected acceptor flag is not set: expecting a token from the acceptor, not in the initiator

│ with dns_ptr_record.test,
│ on vsphere-ubuntu.tf line 96, in resource "dns_ptr_record" "test":
│ 96: resource "dns_ptr_record" "test" {

The corresponding "dns_a_record_set" resource works as expected.
I have also tried to create a static resource without using a for_each loop, with the same result.

The corresponding NSUPDATE command works as expected:

nsupdate
> gsstsig
> update add ubuntutest 300 A 10.x.x.x
> send

Terraform v0.15.4
on linux_amd64

  • provider registry.terraform.io/hashicorp/dns v3.1.0
  • provider registry.terraform.io/hashicorp/vsphere v1.26.0
@angegar

angegar commented Jun 1, 2021

I do not know if it is related, but I have some issues with Active Directory too.

It appears the user I used does not exist in the Kerberos DB, whereas it was created through the Active Directory interface.

@laingsc

laingsc commented Jul 19, 2021

I get the exact same thing for NS records; A and CNAME are fine! "expecting a token from the acceptor"

Windows DNS....

@SamKirsch10

I am also getting this error for NS records. I ran terraform in TRACE mode and am attaching the logs here.
tf_trace_ns_error.log

vars:

ns_records = {
    "redislabs-dev-ob": {
        "target": [
            "d3lredslabss01.cl.local.",
            "d3lredslabss02.cl.local.",
            "d3lredslabss03.cl.local."
        ],
        "zone": "cl.local."
    }
}

records.tf

resource "dns_ns_record_set" "ns_record" {
  for_each = var.ns_records

  zone        = each.value.zone
  name        = each.key
  nameservers = each.value.target
}

@verejoel

I was able to get PTR records working on Windows AD by creating a dummy resource, then importing a record I created manually. In case it helps, here is my solution:

Example IP address: 10.20.30.40/24
Hostname: centos
Domain: example.com
Reverse-lookup domain (as shown in AD DNS manager): 30.20.10.in-addr.arpa

Then the following resource block successfully creates the PTR record:

resource "dns_ptr_record" "test" {
  zone = "30.20.10.in-addr.arpa."
  name = "40"
  ptr  = "centos.example.com."
  ttl  = 300
}
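
The zone/name split described in the comment above, applied to a for_each map shaped like the one in the original report. This is an added example, not code posted by any participant or taken from the provider; the local names `zone_octets` and `ptr_records`, the sample `vm_settings` entry and the `example.com.` domain are assumptions for illustration.

```hcl
locals {
  # Constructed sample input, shaped like vm_settings in the original report.
  vm_settings = {
    "centos" = { ipaddress = "10.20.30.40" }
  }

  # Assumption: number of leading octets covered by the reverse zone in AD DNS.
  # 3 matches a /24 zone such as "30.20.10.in-addr.arpa.";
  # 1 would match an /8 zone such as "10.in-addr.arpa.".
  zone_octets = 3

  ptr_records = {
    for host, vm in local.vm_settings : host => {
      # Zone: the leading octets in reverse order plus the in-addr.arpa suffix.
      # "10.20.30.40" with zone_octets = 3 gives "30.20.10.in-addr.arpa."
      zone = format(
        "%s.in-addr.arpa.",
        join(".", reverse(slice(split(".", vm.ipaddress), 0, local.zone_octets)))
      )

      # Name: the remaining octets in reverse order, relative to the zone.
      # zone_octets = 3 gives "40"; zone_octets = 1 would give "40.30.20".
      name = join(".", reverse(slice(split(".", vm.ipaddress), local.zone_octets, 4)))
    }
  }
}

resource "dns_ptr_record" "rdnsrec" {
  for_each = local.ptr_records

  zone = each.value.zone
  name = each.value.name
  ptr  = "${each.key}.example.com."
  ttl  = 300
}

# Lets `terraform plan` show the derived zone and name before any update is sent.
output "ptr_records" {
  value = local.ptr_records
}
```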
