Can issue commands via nsupdate locally but not via foreman

> Hello there -
> My current mini-goal is to create a host in foreman and have it create a
> DNS entry via smart proxy, but I'm a bit stuck. Locally on the dns box, I
> can successfully issue updates via nsupdate. However, not via foreman. I
> have 2 machines involved here: ns1-test (running foreman-proxy) and
> foreman-test (foreman 1.0.1). In other words, when I try to submit a host
> via foreman, I currently get: "unable to save" "create DNS record for
> task failed with the following error: 400 Bad Request"
> I figured, maybe the smart proxy on the dns box is misconfigured but In
> /etc/foreman-proxy/settings.yml, "dns" is set to true, and "dns_key" is
> pointing to my key in /etc/named. Of course, restarted the foreman-proxy
> service afterwards. I currently using the public key, as that was I was
> using when testing nsupdate. Tried the private key for funsies, but still
> failed.
> Here's some other troubleshooting I've tried so far:
> * looked at the /features webpage - it reports that dns is managed
> * double check that the dns smart proxy is associated to the domain.
> * tcpdump on ns1-test does show packets from foreman-test when you click
> submit to add a host
> * enabled debugging in foreman's production.rb (seemed to be not much
> help, as it seems ruby or RoR layer centric)
> Any tips? I bet it something obvious that I cannot see currently.

turn on debug log level on your proxy config file, I'm guessing its a
permissions issue where your proxy cant execute nsupdate / read the key
file etc.

> Oh yes, by the way, since I'm a first time poster I must announce and
> remind you all that Foreman is awesome.



··· On Tue, Oct 9, 2012 at 5:38 AM, Smoratio Alger wrote:


You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To view this discussion on the web visit
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at