[PATCH] s4/dsdb: dsdb_validate_invocation_id() should validate by objectGUID
Matthias Dieter Wallnöfer
mdw at samba.org
Mon Apr 26 10:16:30 MDT 2010
this is very likely a problem in the "LogonGetDomainInfo" call (netlogon
pipe). Please try to look at this code to see where the problem lies -
but I can tell you: there exist strict and somewhat obfuscated rules
when "dNSHostName" will be set/changed and when not.
Kamen Mazdrashki wrote:
> hi Andrew,
> On Mon, Apr 26, 2010 at 07:19, Andrew Bartlett<abartlet at samba.org> wrote:
>> On Mon, 2010-04-26 at 00:31 +0300, Kamen Mazdrashki wrote:
>>> Tridge, Andrew,
>>> Could you please review following patch:
>>> vampire-test-fix effor, I've found this function actually should be
>>> searching DSA's record by objectGUID
>>> as it is objectGUID that is send in DRSUpdateRefs() call.
>> Have you check that this is also the case with Windows clients? (Samba
>> may be getting this wrong). Perhaps Windows doesn't actually check
>> I can confirm now that w2k8 sends objectGUID of "NTDS Settings" object.
> BTW, after vampiring s w2k8 domain, we don't set 'dNSHostName' for the
> server object
> of our new DC?
> Is this intentionally or a bug?
> This caused me a lot of troubles to try to replicate from WinDCs to Samba
> one (and vice versa) :)
More information about the samba-technical