Univention Bugzilla – Bug 57377
Installing the Keycloak app after establishing an AD-Connection as member in MS AD doesn't create DNS record
Last modified: 2024-07-04 15:33:11 CEST
Followup of Bug #57293:

> During Keycloak installation we create the dns/host_record ucs-sso-ng.$domainname.
> In AD membermode, the AD is used as a DNS server. We need some credentials to create the DNS record and currently the joinscript of the Keycloak app expects -dcaccount and -dcpwd to be passed (i.e. $binddn and $bindpwdfile) but in UCS, that's not passed on the Primary Directory Node. So we could adjust admember.add_host_record_in_ad() to pick up machine credentials in the ad/member=true case. This is relevant for preparing towards the 5.2-0 update.

Verified:
* commit for https://git.knut.univention.de/univention/components/keycloak-app/-/issues/218 fixes the issue
* Tested by using scenarios/ad-membermode/autotest-222-admember-w2k8r2-german.cfg, switching to test-appcenter and installing keycloak