Bug 9327 - DNS server shouldn't not start if DC is not marked has master NC for the DNS partitions
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: DNS server
Version: 4.0.0rc2
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Kai Blin
QA Contact: Samba QA Contact
Reported: 2012-10-24 03:51 UTC by Matthieu Patou
Modified: 2012-11-09 12:43 UTC
Description Matthieu Patou 2012-10-24 03:51:58 UTC
If DNS-related partitions are only partially replicated, dnsRecord won't be present.

So if the NTDSDSA object of the DC doesn't have 

msDS-hasMasterNCs: DC=ForestDnsZones,DC=domain,DC=tld
msDS-hasMasterNCs: DC=DomainDnsZones,DC=domain,DC=tld

Then it shouldn't run.
Comment 1 Amitay Isaacs 2012-11-09 12:43:47 UTC
Do we need to implement this for DLZ also?  

If the DLZ plugin does not load the zones, there is no way to tell BIND to reload the zones at a later time without restarting BIND or reloading using rndc. Might be a good idea, so the DNS server will never work even if BIND is started by mistake.

I guess the same restriction can be added to the DNS RPC server. It's much easier for the RPC server since it can check the NTDSDSA object each time an RPC query for DNS comes in and reply with an error if we don't have a full replica.
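
The check proposed in this report, written out as an added example (not Samba code and not part of the thread): given the LDIF of a DC's NTDSDSA object, as a tool such as ldbsearch prints it, report which DNS partitions are missing from msDS-hasMasterNCs. The function names are hypothetical, and the caller is assumed to supply the domain and forest root DNs.

```python
import base64

# Constructed sample: LDIF of a DC's NTDSDSA object. The DomainDnsZones value is
# base64-encoded and one value is folded, as LDIF allows. ForestDnsZones is absent.
SAMPLE_LDIF = (
    "dn: CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,"
    "CN=Sites,CN=Configuration,DC=domain,DC=tld\n"
    "objectClass: nTDSDSA\n"
    "msDS-hasMasterNCs: DC=domain,DC=tld\n"
    "msDS-hasMasterNCs: CN=Schema,CN=Configuration,\n DC=domain,DC=tld\n"
    "msDS-hasMasterNCs:: "
    + base64.b64encode(b"DC=DomainDnsZones,DC=domain,DC=tld").decode() + "\n"
)

def parse_ldif_attrs(ldif):
    """Return {lowercased attribute name: [values]} for one LDIF entry."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]            # continuation of a folded line
        elif raw and not raw.startswith("#"):
            lines.append(raw)
    attrs = {}
    for line in lines:
        name, _, rest = line.partition(":")
        if rest.startswith(":"):            # "attr:: <base64 value>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.strip()
        attrs.setdefault(name.lower(), []).append(value)
    return attrs

def norm_dn(dn):
    """Comparison key for a DN: case-insensitive, spaces around commas ignored.
    Simplification: does not handle escaped commas inside an RDN value."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def missing_dns_partitions(ntdsdsa_ldif, domain_dn, forest_dn):
    """DNS partitions this DC does not hold as a full (master) replica."""
    held = {norm_dn(v)
            for v in parse_ldif_attrs(ntdsdsa_ldif).get("msds-hasmasterncs", [])}
    wanted = ["DC=ForestDnsZones," + forest_dn, "DC=DomainDnsZones," + domain_dn]
    return [dn for dn in wanted if norm_dn(dn) not in held]

def dns_may_start(ntdsdsa_ldif, domain_dn, forest_dn):
    """True only when both DNS partitions appear in msDS-hasMasterNCs."""
    return not missing_dns_partitions(ntdsdsa_ldif, domain_dn, forest_dn)

if __name__ == "__main__":
    print(missing_dns_partitions(SAMPLE_LDIF, "DC=domain,DC=tld", "DC=domain,DC=tld"))
```
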