@@ -, +, @@ 1. Due to this patch for UCS 3.1 dlz_bind9 reads from the proper /var/lib/samba/private/sam.ldb, thus picking up the pre-2k3 zones. If it finds a pre-2k3 zone, it neglects the 2k3 application partitions. ( /var/lib/samba/private/sam.ldb.d/CN=.*DNSZONES,$ldap_base.ldb ) 2. If all systems in the domain are enforced to be UCS 3.1 before the update to UCS 3.2 we could remove this patch, such that: dlz_bind9 reads from /var/lib/samba/private/dns/sam.ldb which contains a hardlink /var/lib/samba/private/dns/sam.ldb.d/CN=DOMAINDNSZONES,$ldap_base.ldb but does not contain the Windows 2000 DNS data of the real domain partition.
--- samba4-4.0.0~rc2.orig/source4/dns_server/dlz_bind9.c 2012-11-27 12:38:50.000000000 +0100
+++ samba4-4.0.0~rc2.orig/source4/dns_server/dlz_bind9.c 2012-11-26 15:22:32.180000376 +0100
@@ -640,7 +640,7 @@ _PUBLIC_ isc_result_t dlz_create(const c
 }
 if (state->options.url == NULL) {
- state->options.url = lpcfg_private_path(state, state->lp, "dns/sam.ldb");
+ state->options.url = lpcfg_private_path(state, state->lp, "sam.ldb");
 if (state->options.url == NULL) {
 result = ISC_R_NOMEMORY;
 goto failed;
@@ -1107,6 +1107,7 @@ _PUBLIC_ isc_result_t dlz_configure(dns_
 TALLOC_CTX *tmp_ctx;
 struct ldb_dn *dn;
 int i;
+ bool zone_found = false;
 state->log(ISC_LOG_INFO, "samba_dlz: starting configure");
 if (state->writeable_zone == NULL) {
@@ -1163,6 +1164,12 @@ _PUBLIC_ isc_result_t dlz_configure(dns_
 return result;
 }
 state->log(ISC_LOG_INFO, "samba_dlz: configured writeable zone '%s'", zone);
+ zone_found = true;
+ }
+
+ // skip the application partitions if there is a pre-2k3 zone on the domain partition
+ if (!strcmp(zone_prefixes[i], "CN=MicrosoftDNS,CN=System") && zone_found) {
+ break;
 }
 }
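Review bot: In dlz_create, the new fallback path `"sam.ldb"` makes the DLZ module open Samba's main directory database instead of the copy under `dns/`, so the account that runs named needs file access to a database that, in a stock Samba layout, also holds account secrets. The patch description notes that the `dns/` copy carries only the hardlinked DNS partition, so this gives up that separation in exchange for seeing the pre-2k3 zones. Because the assignment only runs when `state->options.url` is NULL, consider leaving the compiled-in default alone and supplying the path through that existing option on the systems that need it. If the default stays, a comment such as `/* UCS: main sam.ldb, not the dns/ copy; check its permissions for the named user */` would record the trade-off. File permissions are not visible here, and dlz_create begins and ends outside the hunk.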
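Review bot: In dlz_configure, `zone_found` is set for a zone found under any prefix and is never reset, so the added `break` does what its comment says only if `CN=MicrosoftDNS,CN=System` is iterated before the application-partition entries of `zone_prefixes`. That array is outside the hunk, so either confirm its order or scope the flag to the System prefix. The skip is also silent, which makes zones missing from the application partitions hard to diagnose; a line such as `state->log(ISC_LOG_INFO, "samba_dlz: pre-2k3 zone found, skipping application partitions");` before the `break` would record it. As a style point, `if (zone_found && strcmp(zone_prefixes[i], "CN=MicrosoftDNS,CN=System") == 0) {` reads more clearly than the `!strcmp(...)` form. The enclosing loops and the function begin outside the hunk.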