Bug 42537

Summary: AD Member Mode: No DNS Reverse Zone entries in AD for UCS systems
Product: UCS Reporter: Michael Grandjean <grandjean>
Component: AD ConnectorAssignee: Samba maintainers <samba-maintainers>
Status: RESOLVED WONTFIX QA Contact:
Severity: normal    
Priority: P5 CC: alexander.wotschke, andree.hingst, requate, stephan.hendl
Version: UCS 4.1   
Target Milestone: ---   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=39806
What kind of report is it?: Bug Report What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 2: Will only affect a few installed domains How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.069 Enterprise Customer affected?: Yes
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: 2016092921000325 Bug group (optional):
Max CVSS v3 score:

Description Michael Grandjean univentionstaff 2016-09-29 23:03:34 CEST 
UCS 4.1-3 errata 282
Windows Server 2012 R2

I joined several UCS systems as part of an existing Active Directory domain (AD Member Mode). The UCS systems do have DNS entries in the Forward Zone of the Active Directory, but no Reverse Zone entries:

Windows AD DC: ada.future-inc.example.org - 10.200.30.177
UCS Master: mary.future-inc.example.org - 10.200.30.166

> nameserver1: 10.200.30.177
> nameserver2: <empty>
> nameserver3: <empty>

> root@mary:~# host mary
> mary.future-inc.example.org has address 10.200.30.166
> root@mary:~# host 10.200.30.166
> Host 166.30.200.10.in-addr.arpa. not found: 3(NXDOMAIN)

> root@mary:~# host 10.200.30.177
> 177.30.200.10.in-addr.arpa domain name pointer ada.future-inc.example.org.
Comment 1 Arvid Requate univentionstaff 2016-10-04 14:10:45 CEST 
During join samba seems to only create a record in the forward zone.
Also "net ads dns register" doesn't seem to implement the functionality for PTR.


I guess the python tool "samba_dnsupdate" would be the generic place to implement this in Samba (it reads a template file /var/lib/samba/private/dns_update_list), which is a frontend to "nsupdate". This registration may be done via the univention-samba joinscript.


FYI: AFAIK Windows Clients don't register PTR records by default (see Bug 32427): http://sdb.univention.de/content/20/241/en/windows-7-reverse-lookup-dns-registration.html?highlight=reverse
Comment 2 Stefan Gohmann univentionstaff 2019-01-03 07:23:01 CET 
This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018.

Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact
your partner or Univention for any questions.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.