Bug 11108 - Samba allows changing own DNS A Record by client request
Summary: Samba allows changing own DNS A Record by client request
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DNS server (internal) (show other bugs)
Version: 4.1.16
Hardware: All All
: P5 normal (vote)
Target Milestone: 4.3
Assignee: Kai Blin
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-02-20 14:08 UTC by Tim Eberhardt
Modified: 2015-12-09 19:10 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Eberhardt 2015-02-20 14:08:27 UTC
We have a Samba 4.1.16 (Sernet packages) DC running under Ubuntu 14.04 and tested sssd's AD authentication on a Linux client (Ubuntu 14.04).

We made a mistake configuring sssd and set the DC's hostname under the ad_hostname setting (which should be the clients hostname). After that the DC was no longer working properly (no shares, kerberos, ...) because the registration of the client with the DC's hostname changed the DNS A record the DC itself.

IMO this should not be possible and samba should protect it's own DNS record against manipulation by client machines.
Comment 1 Andrew Bartlett 2015-08-10 03:21:48 UTC
Is this any different in Windows?  It would be good to work out the mechanism.

BTW, you can seriously damage a Samba or Windows AD DC by changing it's own password from a client joining with the same name (using the admin credentials).