Univention Bugzilla – Bug 41006
S4-Connector doesn't sync MX / TXT records if A record is set
Last modified: 2016-08-18 15:15:31 CEST
# dig @localhost foobar.school.local +short A
1.2.3.4
# dig @localhost foobar.school.local +short AAAA
fe80::1c1f:dff:fe62:11ba
# dig @localhost foobar.school.local +short TXT
# dig @localhost foobar.school.local +short MX
# univention-ldapsearch -LLL relativeDomainName=foobar | ldapsearch-wrapper | sort
aAAARecord: fe80:0000:0000:0000:1c1f:0dff:fe62:11ba
aRecord: 1.2.3.4
dn: relativeDomainName=foobar,zoneName=school.local,cn=dns,dc=school,dc=local
dNSTTL: 10800
mXRecord: 1 mxserver
objectClass: dNSZone
objectClass: top
objectClass: univentionObject
relativeDomainName: foobar
tXTRecord: some_text
univentionObjectType: dns/host_record
zoneName: school.local

Works with BIND:

# ucr get dns/backend
ldap
# udm dns/host_record create \
    --superordinate "$(udm dns/forward_zone list | sed -ne 's/^DN: //p;T;q')" \
    --set name=foobar \
    --append a=1.2.3.4 \
    --append a=fe80:0000:0000:0000:1c1f:0dff:fe62:11ba \
    --set mx='10 mail.univention.de.' \
    --set txt=some_text
# dig +short @localhost foobar.$(dnsdomainname) any
fe80::1c1f:dff:fe62:11ba
"some_text"
10 mail.univention.de.
1.2.3.4

But not with SAMBA4:

# ucr get dns/backend
samba4
# dig +short @localhost foobar.$(dnsdomainname) any
1.2.3.4
fe80::1c1f:dff:fe62:11ba
Ah yes!
Same problem here! Is there a plan to fix it?
Created attachment 7831 [details]
sync_mx_and_txt_dns_records.diff

The MX and TXT attributes are not synchronized by the S4-Connector currently.
The attached patch basically adds this.

Please note that I just barely tested it up to this point.

Created attachment 7833 [details]
sync_mx_and_txt_dns_records.diff

Updated patch to apply to latest errata version.
seems to be a problem here: Ticket#2016071921000357
*** Bug 35169 has been marked as a duplicate of this bug. ***
*** Bug 23730 has been marked as a duplicate of this bug. ***
Created attachment 7837 [details]
sync_mx_and_txt_dns_records.diff

Updated patch
* respect quoting and properly split quoted txt record elements
* support dns/txt_record objects too

Tested with:
=========================================================
root# samba-tool dns add -UAdministrator%univention \
    "$(hostname).$(dnsdomainname)" "$(dnsdomainname)" \
    txtexample1 TXT '"test1 test2" test3'

root# host -t txt txtexample1
txtexample1.univention.test descriptive text "test1 test2" "test3"

root# samba-tool dns add -UAdministrator%univention \
    "$(hostname).$(dnsdomainname)" "$(dnsdomainname)" \
    txtexample1 TXT 'test4'

root# host -t txt txtexample1
txtexample1.univention.test descriptive text "test1 test2" "test3"
txtexample1.univention.test descriptive text "test4"

root# univention-ldapsearch -xLLL relativedomainname=txtexample1 tXTRecord
dn: relativeDomainName=txtexample1,zoneName=univention.test,cn=dns,dc=univention,d
 c=test
tXTRecord: "test1 test2" "test3"
tXTRecord: "test4"

## And the other way around, with lazy quoting for element "test3":

root# udm dns/txt_record create \
    --superordinate "$(udm dns/forward_zone list | sed -ne 's/^DN: //p;T;q')" \
    --set name=txtexample2 \
    --append txt='"test1 test2" test3' \
    --append txt='test4'

root# univention-ldapsearch -xLLL relativedomainname=txtexample2 tXTRecord
dn: relativeDomainName=txtexample2,zoneName=univention.test,cn=dns,dc=univenti
 on,dc=test
tXTRecord: "test1 test2" test3
tXTRecord: test4

root# host -t txt txtexample2
txtexample2.univention.test descriptive text "test1 test2" "test3"
txtexample2.univention.test descriptive text "test4"
=========================================================
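Added example (not part of the attached patch or of the S4-Connector code): a sketch of comparing tXTRecord values by their quoted elements rather than as raw strings, so that the lazily quoted LDAP value and the fully quoted form printed by `host -t txt` in the test session above count as the same record. The function names are hypothetical, and Python's shlex is used as a stand-in for whatever splitting the patch implements.

```python
import shlex

def split_txt(value):
    """Split one tXTRecord value into its strings; only double quotes group words."""
    lexer = shlex.shlex(value, posix=True)
    lexer.whitespace_split = True   # unquoted elements end at whitespace
    lexer.quotes = '"'              # single quotes are ordinary characters
    lexer.commenters = ''           # '#' is data, not a comment
    return list(lexer)              # ValueError on an unterminated quote

def canonical(value):
    """Render a value the way `host -t txt` prints it: every element quoted."""
    parts = []
    for element in split_txt(value):
        escaped = element.replace('\\', '\\\\').replace('"', '\\"')
        parts.append('"%s"' % escaped)
    return ' '.join(parts)

def txt_diff(ldap_values, s4_values):
    """Return (only_in_ldap, only_in_s4), comparing values by their elements."""
    ldap = {tuple(split_txt(v)): v for v in ldap_values}
    s4 = {tuple(split_txt(v)): v for v in s4_values}
    only_ldap = [ldap[k] for k in ldap if k not in s4]
    only_s4 = [s4[k] for k in s4 if k not in ldap]
    return only_ldap, only_s4

# Values taken from the test session above: txtexample2 as stored in LDAP,
# and the same records as printed by `host -t txt`.
LDAP_VALUES = ['"test1 test2" test3', 'test4']
S4_VALUES = ['"test1 test2" "test3"', '"test4"']

if __name__ == '__main__':
    for v in LDAP_VALUES:
        print('%-24s -> %s' % (v, canonical(v)))
    print(txt_diff(LDAP_VALUES, S4_VALUES))
    print(txt_diff(LDAP_VALUES + ['test5'], S4_VALUES))
```

A raw string comparison would report both txtexample2 values as changed on every sync pass; comparing element tuples reports a difference only when the record content differs.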
Created attachment 7840 [details]
sync_mx_and_txt_dns_records.diff

Updated patch
* Adjust S4-Connector Samba/AD object creation to include new "rank" flag

The Samba/AD DNS object has a flag "rank" which e.g. flags records as authoritative, see https://msdn.microsoft.com/en-us/library/cc448912.aspx . Since we currently don't set this properly, the "samba-tool dns" tool ignores dnsRecord attributes created (or modified) by the S4-Connector. E.g.
========================================================================
root@master-42-90:~# samba-tool dns add -U Administrator%univention \
    "$(hostname).$(dnsdomainname)" $(dnsdomainname) \
    txtexample5 TXT '"test1 test2" test3'
Record added successfully

root# samba-tool dns update -U Administrator%univention \
    "$(hostname).$(dnsdomainname)" "$(dnsdomainname)" \
    txtexample5 TXT '"test1 test2" test3' '"test1 test2" test5'
ERROR: Record does not exist
========================================================================

What? Turns out, the dnsRecord attribute is now flagged as DNS_RANK_NONE.
Authoritative records should be flagged as DNS_RANK_ZONE.

With this updated patch "samba-tool dns query" also finds the records and "samba-tool dns update" can modify individual attribute values.

happened here again: Ticket#2016080521000381

Package rebuilt in errata4.1-3.

univention-s4-connector (10.0.1-19) unstable; urgency=medium

  * Bug #41006: Synchronize TXTRecord
    Additional fixes:
    - Consider MX record in s4_host_record_create too
    - Adjust to updated Samba code: use Samba CNameRecord object
    - Adjust to updated Samba code: set new rank attribute
    - Fix some cut&paste errors in log messages

Advisory: univention-s4-connector.yaml
*** Bug 37346 has been marked as a duplicate of this bug. ***
Code review: OK
YAML: OK
ucs-test: OK
Tests: OK, the test cases from Comment 1, Comment 9 and Comment 10 work now.
<http://errata.software-univention.de/ucs/4.1/236.html>