Internal DNS server. Failure, when a client a) registers an IP b) deletes that IP c) registers again

Michael Wood esiotrot at gmail.com
Sat Jun 1 01:48:07 MDT 2013


Hi Ricky and Kai

On 1 June 2013 09:39, Kai Blin <kai at samba.org> wrote:

> On 31/05/13 17:42, Michael Wood wrote:
>
>
>  Should "allow dns updates = yes" (or "true" or "1" or "on" or "enabled")
>> be deprecated for 4.1?  It seems like it's likely to be used by mistake
>> otherwise when the user does not read the documentation properly or
>> copies an smb.conf from someone's blog etc.
>>
>
> Yes and no. Let me elaborate on this a little.
>
> Yes, because that setting should not be in smb.conf after all, but should
> be read from the zone's flags like the Windows DNS server does.
>
> No, because even on Windows it is possible to set up unsigned updates, so
> I'm against killing that setting overall.
>

You both misunderstood my proposal.

I was proposing to get rid of the following (IMO misleading) options:

allow dns updates = yes
allow dns updates = true
allow dns updates = 1
allow dns updates = on
allow dns updates = enabled

I was NOT proposing to get rid of the following:

allow dns updates = nonsecure and secure
allow dns updates = nonsecure

I hope that clarifies my proposal.


> There's an open bug for switching to the AD-based setting.
> https://bugzilla.samba.org/**show_bug.cgi?id=9331<https://bugzilla.samba.org/show_bug.cgi?id=9331>
> Patches are welcome.
>
>
> Cheers,
> Kai
>

-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba-technical mailing list