3.0.26a DNS update bug ?
Martin Zielinski
mz at seh.de
Wed Sep 12 13:31:13 GMT 2007
Hello!
I'm using samba-3.0.26a and heimdal 0.7.2
I failed creating a non-existing DNS entry on the ADS-DC during the
domain join or the "net ads dns register" command (modifying an existing
entry succeeds).
I found out that "dnsgss.c - dns_negotiate_sec_ctx()" calls the
heimdal function "gss_import_name()" with an
"oid" "\052\206\110\206\367\022\001\002\002\002".
This oid does not exist in the heimdal sources. So gss_import_name will
always fail.
And - as far as I understand it - the name has already been resolved
earlier with the krb5_parse_name function.
So if I call:

    err = dns_negotiate_gss_ctx_int(mem_ctx, conn, keyname,
                                    host_principal, gss_ctx, srv_type );

instead of

    err = dns_negotiate_gss_ctx_int(mem_ctx, conn, keyname,
                                    targ_name, gss_ctx, srv_type );

the dns update succeeds (in heimdal gss_name_t and krb5_principal are
the same).
Bye,
~ Martin
P.S. And no, I don't *really* know what happens here, and I haven't
tried it with MIT.
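
Added example, not part of the original post and not Samba or Heimdal code: the string quoted in the post is the DER content-octet form of an object identifier, and the decoder below turns it into dotted notation (1.2.840.113554.1.2.2.2) so it can be searched for in a GSS-API implementation's headers. The function name oid_to_dotted is hypothetical.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Decode the content octets of a DER OBJECT IDENTIFIER (the form stored in
 * gss_OID_desc.elements) into dotted-decimal text.
 * Returns 0 on success, -1 on malformed input or a too-small buffer.
 * oid_to_dotted is a hypothetical helper name, not a GSS-API call. */
int oid_to_dotted(const unsigned char *der, size_t len, char *out, size_t outlen)
{
    size_t i, used = 0;
    unsigned long arc = 0;
    int first = 1, n;

    if (len == 0 || (der[len - 1] & 0x80))
        return -1;                  /* empty, or final arc is truncated */
    for (i = 0; i < len; i++) {
        if (arc == 0 && der[i] == 0x80)
            return -1;              /* non-minimal encoding (0x80 padding) */
        if (arc > (~0UL >> 7))
            return -1;              /* arc would overflow unsigned long */
        arc = (arc << 7) | (der[i] & 0x7f);
        if (der[i] & 0x80)
            continue;               /* high bit set: more octets follow */
        if (first) {
            /* first sub-identifier packs two arcs as 40*X + Y, X in 0..2 */
            unsigned long x = arc < 80 ? arc / 40 : 2;
            n = snprintf(out + used, outlen - used, "%lu.%lu", x, arc - 40 * x);
            first = 0;
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used)
            return -1;              /* output buffer too small */
        used += (size_t)n;
        arc = 0;
    }
    return 0;
}

int main(void)
{
    /* The literal quoted in the post, as passed to gss_import_name(). */
    static const unsigned char oid[] = "\052\206\110\206\367\022\001\002\002\002";
    char buf[64];

    if (oid_to_dotted(oid, sizeof(oid) - 1, buf, sizeof(buf)) != 0)
        return 1;
    printf("%s\n", buf);
    return 0;
}
```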