DNS/netbios WAS: Re: New Microsoft Knowledgebase article

Michael H. Warfield mhw at wittsend.com
Wed Jan 12 18:33:38 GMT 2000


On Thu, Jan 13, 2000 at 05:12:08AM +1100, Luke Kenneth Casson Leighton wrote:
> > > are there some scripts that take the netbios name from a dhcpd.leases
> > > file and generate some bind config files (some A, and IN PTR records
> > > .) ?
> > > (in order to keep the DNS and netbios names in sync ...)

> > 	I saw (had) some scripts that worked with the ISC dhcpd server
> > and translated to dynamic DNS updates.  Problem was that you need to
> > do some REALLY GOOD filtering because some of those netbios names are
> > ILLEGAL in DNS (names with illegal characters like spaces, dashes, dots,
> > etc, etc, etc).  Then you have to decide just what to do when someone
> > DOES add a name with illegal characters.  It seems that the DHCP
> > protocol has no provisions for refusing an address because the name
> > is illegal.

> only <00> / <20> and <1b> names should be registered (SMB client / SMB
> server /  DOMAIN name).

	But we're not talking about names from the Netbios name table, Luke.
We're talking about the name that shows up in the DHCP leases file.  That
name is the node name / workstation name that the workstation uses when
requesting a dhcp lease.  That would be the basis for the names you mentioned
after it gets on the net (has the lease) and is able to add the appropriately
synthesized netbios names.  That 15 character name can have characters which
are illegal in a DNS zone file.  So someone names their PC "My PC_2.".  Note
that the space and the underbar (I was thinking it was a dash - but a
dash is legal) are illegal in a domain name.  Putting a "." in a simple
name is a sure-fire way to commit random acts of terrorism, especially
trailing dots which have very specific, very special, meaning in DNS
zone specifications (it means don't append the current zone to the name).

	Some guys discovered the hard way that arbitrarily taking the
node name from the dhcp leases file and plugging it into a DNS zone
file was a good way to get bind to bitch and dump your entire zone
into the dumper due to an illegal entry.  Happened to several people
playing with the DHCP to Dynamic DNS scripts.

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
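
The filtering discussed in the message above, as an added example that is not part of the original post nor any of the scripts it mentions: client names from a dhcpd.leases file are checked against the letters-digits-hyphen label rule and rejected, never rewritten, before any A or PTR line is produced. The zone name, the sample leases and the function names are constructed for illustration.

```python
import re

# One DNS label under the hostname rule: letters, digits and hyphens only,
# 1-63 characters, no leading or trailing hyphen. Space, underscore and dot
# (the characters in "My PC_2.") all fall outside this set.
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
LEASE_RE = re.compile(r"lease\s+(\d+\.\d+\.\d+\.\d+)\s*\{(.*?)\}", re.S)
NAME_RE = re.compile(r'client-hostname\s+"([^"]*)"\s*;')

# Constructed sample input, not taken from a real leases file.
SAMPLE_LEASES = '''
lease 192.168.1.10 {
  client-hostname "WKSTN-01";
}
lease 192.168.1.11 {
  client-hostname "My PC_2.";
}
lease 192.168.1.12 {
  client-hostname "lab.box";
}
lease 192.168.1.13 {
  hardware ethernet 00:00:00:00:00:01;
}
'''

def is_safe_label(name):
    # fullmatch, not match with "$": "$" would accept a trailing newline.
    return LABEL_RE.fullmatch(name) is not None

def build_records(leases_text, zone="example.test."):
    """Return (records, rejected); zone is a hypothetical zone name."""
    records, rejected = [], []
    for ip, body in LEASE_RE.findall(leases_text):
        m = NAME_RE.search(body)
        if not m:
            continue  # lease carries no client name: nothing to publish
        name = m.group(1)
        if not is_safe_label(name):
            rejected.append((ip, name))  # report it, never write it out
            continue
        fqdn = f"{name.lower()}.{zone}"
        rev = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
        records.append(f"{fqdn} IN A {ip}")
        records.append(f"{rev} IN PTR {fqdn}")
    return records, rejected
```

Rejected entries are returned to the caller so they can be logged; the zone data is built only from names that passed the check.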



More information about the samba-ntdom mailing list