7540 – Windows w2k8 is not able to register SRV records when it's able to register A record

Bug 7540 - Windows w2k8 is not able to register SRV records when it's able to register A record

Summary: Windows w2k8 is not able to register SRV records when it's able to register A...

Status:	RESOLVED FIXED

Alias:	None

Product:	Samba 4.0
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	unspecified
Hardware:	Other Linux

Importance:	P3 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	samba4-qa@samba.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-07-01 03:04 UTC by Matthieu Patou
Modified:	2012-03-15 09:03 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthieu Patou 2010-07-01 03:04:24 UTC

I keep receiving errors about the windows server not able to register the SRV record: _VLMCS._TCP.domain.

Registering A and PTR record is ok, I guess this is due to the fact the updates rules authorize only a workstation to update its own A and AAAA record.

In theory we could had a rule to allow any authenticated tier to register a SRV record but it's major security threat as anyone could then register _msdcs.domain records (ie the one used for locating dcs ...).

Comment 1 Matthieu Patou 2011-02-23 14:25:25 UTC

No update on this bug as we need a more fined grain way to control ACLs on DNS updates

Comment 2 Amitay Isaacs 2012-02-28 12:06:48 UTC

Hi Matthieu,

Is this still an issue? If the AD ACL model allows, windows server should be able to update that record. Can you give me more information?

Comment 3 Matthias Dieter Wallnöfer 2012-03-15 09:03:22 UTC

I'm closing this since it seems to have been fixed. If not, please reopen, ekacnet.