samba_dnsupdate changes for better RODC support

Andrew Bartlett abartlet at samba.org
Wed Nov 27 16:06:50 MST 2013


On Thu, 2013-11-21 at 11:14 -0500, Michael Brown wrote:
> While attempting to get samba4 RODC functionality working I encountered 
> a few problems with DNS entries not being added. This patch helps 
> alleviate them.
> 
> Most of the changes are a result of seeing how Windows 2008R2 behaves in 
> the same setup and duplicating that. For example, these two DNS records:
> 
> SRV _ldap._tcp.${SITE}._sites.DomainDnsZones.${DNSDOMAIN} ${HOSTNAME} 389
> SRV _ldap._tcp.${SITE}._sites.ForestDnsZones.${DNSFOREST} ${HOSTNAME} 389
> 
> Unfortunately samba won't *actually* add them yet:
> Unable to map to netlogon DNS update: SRV 
> _ldap._tcp.shire._sites.domaindnszones.main.adlab.netdirect.ca 
> sles-shire.main.adlab.netdirect.ca 389
> Unable to map to netlogon DNS update: SRV 
> _ldap._tcp.shire._sites.forestdnszones.main.adlab.netdirect.ca 
> sles-shire.main.adlab.netdirect.ca 389
> 
> This has *not* been tested in a full DC scenario, I've been focusing on 
> RODC.

I'm not entirely convinced this is correct.  For example, are you
comparing an RODC that is also configured as a global catalog server?

Also, the ForestDNSZones and DomainDNSZones stuff needs to be conditional
on us hosting DNS.

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba





