[cifs-protocol] [EXTERNAL] [MS-DNSP] sticky static dns updates - TrackingID#2106070040005009

Andrew Bartlett abartlet at samba.org
Tue Jun 8 00:19:44 UTC 2021

On Tue, 2021-06-08 at 10:11 +1200, Douglas Bagnall via cifs-protocol
> hi Jeff,
> The client side is Samba. If you are able to compile and run Samba 
> testcases, I can prepare a git branch or patch that contains this
> test.
> Attached is a network capture, though the ldap is all encrypted.
> I have not tried with a Windows client.
> Douglas
> On 8/06/21 5:46 am, Jeff McCashland wrote:
> > 
> > -----Original Message-----
> > From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> > Sent: Sunday, June 6, 2021 11:55 PM
> > To: Interoperability Documentation Help <dochelp at microsoft.com>;
> > cifs-protocol <cifs-protocol at lists.samba.org>
> > Subject: [EXTERNAL] [MS-DNSP] sticky static dns updates
> > 
> > hi Dochelp,
> > 
> > Another question around DNS nodes and records, based on tests
> > against 2012r2.
> > 8. A new record D is added using DNS update. This record also gets
> > a zero timestamp, although there is nothing in the LDAP node object
> > to tell it that. Record A still has its original timestamp.

> > My questions relate to the behaviour in step 8.
> > 
> > As far as I can see, there is no method in the documented protocols
> > to determine that a node has the "static bit" set (short of
> > creating a record). It is not recorded in the ldap objects, and not
> > revealed over RPC. Is this correct?


I think the issue here may relate to the Windows DNS server being
backed onto AD in an odd way, it isn't a live backing like we use, but
something more complex, meaning we get these kind of cache coherency
issues.  It might be that the DNS server code pre-dated AD, the the AD
backend is synced or such, perhaps MS might be willing to say.

I'm pretty sure we have seen things like this before, even in your
earlier step where you had to tickle the server to make it realise that
LDAP had changed.

Andrew Bartlett

Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source

More information about the cifs-protocol mailing list