dNSHostName of Server object

Stefan (metze) Metzmacher metze at samba.org
Mon Aug 2 09:52:07 MDT 2010 

Hi Anatoliy,

> I did the checks you recommended and i found where is the creation of the dNSHostName attribute.

Thanks!

> When i do a dcpromo the server that i am joining to isn't responsible for creating the dNSHostName for my Server entry. After i finish the dcpromo process there isn't a dNSHostName entry set on the server that i join to, but there is an entry set on the server that is joining to the domain. This entry is then being promoted to the first DC during replication. The update of the dNSHostName attribute happens during dcpromo and exist only in the db of the joining server. The attachment is the proposed fix for this.

I think we should do this before the ldb_transaction_prepare_commit() in
libnet_Vampire(),
so that it happens inside the transaction.

metze

> ----- Original Message -----
>> From: Stefan (metze) Metzmacher <metze at samba.org>
>> To: Anatoliy Atanasov <anatoliy.atanasov at postpath.com>
>> Cc: samba-technical at samba.org <samba-technical at samba.org>
>> Sent: Thursday, July 29, 2010 4:33:14 PM (GMT+02:00) Athens, Bucharest, Istanbul
>> Subject: Re: dNSHostName of Server object
> 
>>> Hi Anatoliy,
>>
>>> I noticed that when you join 2nd DC to win2k8 domain the dNSHostName 
>> attribute of the Server object in the Servers container is filled 
>> correctly by the DC which you join to. We didn't do that. I looked 
>> with wireshark when this happens but i couldn't find it on the wire so 
>> i think it was filled by the DC you are joining to during DRSR 
>> AddEntry call. The documentation doesn't say anything specific for 
>> dNSHostName being send on the wire with that call nor that we should 
>> update it then, but i figured that if we update the SPNs there it 
>> would be a good place to do that too. A patch is attached with the fix,
>>  please review it.
>>
>> You should not guess:-)
>>
>> - Look at the replication meta data of the dNSHostName attribute and 
>> see
>> if it's created in the same
>>   transaction as the DsAddEntry call.
>>
>> - add ldap searches to the libnet_become_dc code before and after the
>> DsAddEntry call
>>   in order to see if it was added.
>>
>> metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100802/1ad338d4/attachment.pgp>

More information about the samba-technical mailing list