DSfW: DSfW installation / upgrade is causing novell-named not being able to start.

Document ID:7014532
Creation Date:10-Feb-2014
Modified Date:08-Oct-2014
- Micro Focus Products:
  eDirectory
  Open Enterprise Server
- SUSE Products:
  SUSE Linux Enterprise Server

Environment

Novell Open Enterprise Server 11 SP2 (OES11SP2)
Novell Open Enterprise Server 11 SP1 (OES11SP1)
Domain Services for Windows
DSfW

Situation

After either the installation or addition of an ADC to a DSfW Domain or the upgrade of DSFW (OES11SP1 --> OES11SP2) novell-named is not able to start.

30-Jan-2014 17:16:08.477 config: isccfg/parser: error: zone '6.10.IN-ADDR.ARPA.': 'allow-update' is ignored when 'update-policy' is present
30-Jan-2014 17:16:08.477 config: isccfg/parser: error: zone '7.10.IN-ADDR.ARPA.': 'allow-update' is ignored when 'update-policy' is present
30-Jan-2014 17:16:08.478 general: server: critical: loading configuration: failure
30-Jan-2014 17:16:08.478 general: server: critical: exiting (due to fatal error)

Resolution

Since both allow-update and update-policy are enabled and only once can be configured for a given DNS zone.

DSfW requires dynamic dns.

If dynamic dns is configured with DHCP delete the update-policy and enable the allow-update.

If dynamic dns is not configured with DHCP, the update-policy must be used. Remove the the allow-update and only enable the update-policy. The update-policy should have grant * sam * A SRV PTR for the policy.

Cause

When both allow-update and update-policy are set / configured for a given DNS zone, novell-named is no longer starting as this is not a valid configuration.

The installation/upgrade modifies and invalidates the dns configuration without any warning.

Status

Reported to Engineering