Univention Bugzilla – Full Text Bug Listing |
Summary: | wrong owner sid for samba4 dns object if object was created by the connector -> ddns update fails | ||
---|---|---|---|
Product: | UCS | Reporter: | Felix Botner <botner> |
Component: | S4 Connector | Assignee: | Connector maintainers <connector-maintainers> |
Status: | RESOLVED WONTFIX | QA Contact: | |
Severity: | normal | ||
Priority: | P5 | CC: | gohmann, requate |
Version: | UNSTABLE | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=34910 | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: |
Description
Felix Botner
2013-12-03 12:34:10 CET
I think the current behavior is OK. Just for future reference: Yes this is regular documented behaviour for what Microsoft refers to as "secure dynamic updates". See: * http://technet.microsoft.com/en-us/library/cc959308.aspx#EAAA * http://technet.microsoft.com/en-us/library/cc961412.aspx#EAAA We might want to check / utilize the special behaviour of the DNSUpdateProxy group in Samba. If Samba supports this, we might want to put the sync user into that group to keep him from taking ownership of the records. See Ticket#2015100821000533 for a collection of more details. |