Internal DNS server. Failure, when a client a) registers an IP b) deletes that IP c) registers again

Michael Wood esiotrot at
Sat Jun 1 01:48:07 MDT 2013

Hi Ricky and Kai

On 1 June 2013 09:39, Kai Blin <kai at> wrote:

> On 31/05/13 17:42, Michael Wood wrote:
>  Should "allow dns updates = yes" (or "true" or "1" or "on" or "enabled")
>> be deprecated for 4.1?  It seems like it's likely to be used by mistake
>> otherwise when the user does not read the documentation properly or
>> copies an smb.conf from someone's blog etc.
> Yes and no. Let me elaborate on this a little.
> Yes, because that setting should not be in smb.conf after all, but should
> be read from the zone's flags like the Windows DNS server does.
> No, because even on Windows it is possible to set up unsigned updates, so
> I'm against killing that setting overall.

You both misunderstood my proposal.

I was proposing to get rid of the following (IMO misleading) options:

allow dns updates = yes
allow dns updates = true
allow dns updates = 1
allow dns updates = on
allow dns updates = enabled

I was NOT proposing to get rid of the following:

allow dns updates = nonsecure and secure
allow dns updates = nonsecure

I hope that clarifies my proposal.

> There's an open bug for switching to the AD-based setting.
> Patches are welcome.
> Cheers,
> Kai

Michael Wood <esiotrot at>

More information about the samba-technical mailing list