Bug 12008 - RODCs are not read-only
RODCs are not read-only
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
4.4.4
All All
: P5 normal
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-07-04 04:20 UTC by Bob Campbell
Modified: 2016-07-04 07:10 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Bob Campbell 2016-07-04 04:20:59 UTC
RODCs can add and delete objects from their local LDB without restriction. This is because the only relevant RODC check is only done to modifications. A side-effect of this is that the KCC creates local links from an RODC to other DCs.