[PATCH] DNS scavenging in the AD DC
Stefan Metzmacher
metze at samba.org
Tue Jul 10 15:37:18 UTC 2018
Am 10.07.2018 um 11:35 schrieb Andrew Bartlett via samba-technical:
> On Tue, 2018-07-10 at 09:22 +0200, Stefan Metzmacher wrote:
>> Am 10.07.2018 um 07:21 schrieb Andrew Bartlett via samba-technical:
>>> Attached here is the latest iteration of Aaron's DNS scavenging patch
>>> series, as cleaned up by Gary and myself.
>>>
>>> While there is much more I would like to see done (dbcheck rules to
>>> handle the existing records, command-line tools to change the
>>> settings), at this time this is a useful improvement and finally
>>> creates static and dynamic records correctly.
>>
>> Do you have a strategy how to detect broken records, older versions
>> have added?
>
> I don't have a good plan on that yet.
>
>> Can we do some magic using 110 as magic?
>>
>> git grep 110 source4/dns_server/
>> source4/dns_server/dns_utils.c: uint32_t dwSerial = 110;
>> source4/dns_server/pydns.c: static const int serial = 110;
>> source4/dns_server/pydns.c: static const int serial = 110;
>
> I'm still trying to track down what BIND9_DLZ is using.
>
>> And change that value in the fixing patchset?
>
> Sure, I can at least do that.
>
>> I'd really like to avoid to force a manual cleanup of this
>> to administrators.
>
> Understood.
>
>> And we also have to make sure that we don't delete records
>> in existing setups, which where supposed to be static!
>
> Sure, but this is off by default anyway.
>
> Should we just disable it at the smb.conf level as well until we sort
> out a more complete plan?
Yes, please.
>>> Aside from the WHATSNEW it is reviewed by Gary and myself, and the
>>> tests have been run against Windows and the windows static record
>>> behaviour has been clarified by Microsoft.
>>>
>>> https://gitlab.com/samba-team/samba/merge_requests/26
>>>
>>> CI: https://gitlab.com/catalyst-samba/samba/pipelines/25444977
>
> Hmm, CI was unhappy. I'll investigate.
>
>>> Please review and push!
>>
>> Can you please add bug references to
>> https://bugzilla.samba.org/show_bug.cgi?id=10812
>> and
>> https://bugzilla.samba.org/show_bug.cgi?id=12451
>
> I did add both, I guess you want them on more patches? (Easily done,
> tomorrow).
I didn't noticed the related url on the commits which fix the specific
bug.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180710/cef431d2/signature.sig>
More information about the samba-technical
mailing list