How to remove _only_ an A, MX or TXT record via udm interface?

Hello, first time poster here. Please let me know if I’m posting in the wrong area or not following proper procedure. Thanks in advance.

I’ve set up Univention UCS as the directory in one of our labs. I am scripting tools to manage the system and I’m not sure how to remove only an A, MX or TXT DNS record using the udm tool’s interface. I don’t want to simply delete the entire host record because it may have other attributes I want to keep (A, MX or TXT record).

I notice that for TXT records there’s a separate udm module (dns/txt_record) but for the “create” command it seems to do the same thing as dns/host_record (simply creates a dns/host_record object) and for the “remove” command it doesn’t seem to work at all. (It yields “E: object not found” even though the DN definitely exists):

# This just creates a host_record type object just like "dns/host_record create" would
root@ucs-admin:/# udm dns/txt_record create --position zoneName=example.net,cn=dns,dc=example,dc=net --set name=test3 --set txt=\"blah\"
Object created: relativeDomainName=test3,zoneName=example.net,cn=dns,dc=example,dc=net

# I need to use "dns/host_record modify" to add an A record to this same LDAP object rather
# than creating a separate A record object (trying "dns/host_record create" yields an "Object
# exists" error).
root@ucs-admin:/# udm dns/host_record modify --dn relativeDomainName=test3,zoneName=example.net,cn=dns,dc=example,dc=net --set a="1.2.3.4"
Object modified: relativeDomainName=test3,zoneName=example.net,cn=dns,dc=example,dc=net

# This does not work at all. Perhaps because the object has another attribute (aRecord) set?
# Or perhaps it incorrectly assumes that only entire zones can have TXT (or MX) records?
root@ucs-admin:/# udm dns/txt_record remove --dn relativeDomainName=test3,zoneName=example.net,cn=dns,dc=example,dc=net
E: object not found

So there doesn’t seem to be a way to remove just the A, MX or TXT records from a DNS host record that has any of the other record types set. As a workaround I’d have to read and parse the object to see if any other attributes / records are set, save that information, delete the object, then recreate the object with the attributes / records I want to keep. This is less than ideal and creates a potential race condition where the other records no longer exist for a period of time.

This seems broken to me. Is this by design?

I was incorrect in my description above where I say “dns/txt_record create” makes a “dns/host_record” object. It does have univentionObjectType = “dns/txt_record” but this object seems to function identically to one of type “dns/host_record”. The problem is the same either way.

Hey,

welcome to UCS in general and the forum in particular!

The remove action is supposed to delete the whole LDAP object. If you want to remove attributes only, you’ll have to use the modify action with the --remove=<attribute> option.

I highly suggest you always use the dns/host_record module for creating entries that can contain all three types of attributes (A, MX, TXT).

Here’s an example:

[0 root@master ~] udm dns/host_record create --position zoneName=wildcard.test,cn=dns,dc=mbu-test,dc=intranet --set name=testme --set a=127.0.0.1 --set txt=stuff
Object created: relativeDomainName=testme,zoneName=wildcard.test,cn=dns,dc=mbu-test,dc=intranet
[0 root@master ~] udm dns/host_record modify --dn relativeDomainName=testme,zoneName=wildcard.test,cn=dns,dc=mbu-test,dc=intranet --remove txt
Object modified: relativeDomainName=testme,zoneName=wildcard.test,cn=dns,dc=mbu-test,dc=intranet
[0 root@master ~] udm dns/host_record list --filter relativeDomainName=testme
relativeDomainName=testme
DN: relativeDomainName=testme,zoneName=wildcard.test,cn=dns,dc=mbu-test,dc=intranet
  a: 127.0.0.1
  name: testme
  zonettl: 3 hours

Kind regards
mosu
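
A scripted form of the `modify --remove` approach from the reply above, as an added example that is not part of the original thread: it removes one record type in place, so the object is never deleted and recreated. The function names, the `DRY_RUN` variable and the character allow-list are assumptions of this example; `a` and `txt` are the property names shown in the thread, and `mx` is assumed to follow the same naming.

```shell
#!/bin/sh
# Added example (not from the thread): remove ONE record type from a
# dns/host_record object with "modify --remove", leaving the object and its
# other records in place (no delete-and-recreate window).

# Build the DN of a host record from its parts.
# $1 = record name, $2 = zone name, $3 = DNS container (e.g. cn=dns,dc=example,dc=net)
host_record_dn() {
    name=$1 zone=$2 dns_base=$3
    # Allow-list (assumption of this example): reject empty values and any
    # character that would need DN escaping or could smuggle in extra RDNs
    # (",", "=", "+", spaces, ...). Wildcard names are rejected as well.
    case $name in ''|*[!A-Za-z0-9._-]*) return 2 ;; esac
    case $zone in ''|*[!A-Za-z0-9.-]*) return 2 ;; esac
    printf 'relativeDomainName=%s,zoneName=%s,%s\n' "$name" "$zone" "$dns_base"
}

# Remove one record type from a host record.
# $1 = a|mx|txt, $2 = record name, $3 = zone name, $4 = DNS container
# With DRY_RUN set to a non-empty value the udm command is printed, not run.
remove_record_type() {
    attr=$1
    case $attr in
        a|mx|txt) ;;
        *) echo "unsupported record type: $attr" >&2; return 2 ;;
    esac
    dn=$(host_record_dn "$2" "$3" "$4") || {
        echo "invalid record or zone name" >&2
        return 2
    }
    # Same call as in the reply: modify the object, remove only this property.
    ${DRY_RUN:+echo} udm dns/host_record modify --dn "$dn" --remove "$attr"
}
```

Running `DRY_RUN=1; remove_record_type txt test3 example.net cn=dns,dc=example,dc=net` prints the command for review; a `udm dns/host_record list --filter relativeDomainName=test3` afterwards shows which records remain, as in the reply.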
