bind 9.11.3 BIND9_FLATFILE update-policy

Andreas Schneider asn at samba.org
Fri Sep 21 14:46:37 UTC 2018


On Friday, 21 September 2018 09:05:24 CEST L.P.H. van Belle via samba-
technical wrote:
> Hai,
> 
> From a systems engineers point of view.
> Totaly agree here. Just drop the flatfile, it has no use for samba in the
> future.
> 
> Better improve the current DLZ and its functions then having an old set that
> raises questions everytime. And it save time chaising and old set of code,
> which is hardly/(never) used.

Even the current DLZ module should be removed as it opens an attack surface. 
You need to run bin un'chroot'ted and give it root privileges to directly work 
on the Samba AD database.

The right thing would be to add Samba support to:

https://pagure.io/bind-dyndb-ldap


	Andreas

-- 
Andreas Schneider                      asn at samba.org
Samba Team                             www.samba.org
GPG-ID:     8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D





More information about the samba-technical mailing list