What were you trying to do that didn't work?

notify explicit; or notify no; used in global options {} is never applied to all zones loaded from LDAP. Because they do not use named_zone_configure as used by common zones.

What is the impact of this issue to you?

There does not seem to be LDAP parameter to control this issue, but at the same time global configuration does not work also. Configuration is applied only to locally configured zones via normal files. Those defined in /etc/named.rfc1912.zones will have notifies disabled.

dns_zone_setnotifytype function setting this configuration per-zone and using global defaults is not applied for any zone originating from LDAP. Because defaults is applied only by this function

Please provide the package NVR for which the bug is seen:

bind-dyndb-ldap-11.11-3.el9_6.x86_64

How reproducible is this bug?:

reliable

Steps to reproduce

1. have freeipa-server-dns installed and configured, at least with one zone present by ipa dnszone-find command
2. rndc reload
3. journalctl -xeu | grep "sending notifies"

Expected results

sending notifies is stopped when requested and enabled by default only, like in normal configuration.

Actual results

sending notifies is enabled by default and cannot be stopped or restricted. Notifies are sent for each zone unconditionally. Each zone from LDAP sends notifies even if notify no; tries to stop them.

notify explicit; does not change it also.