Bug 9408 - DBCheck should pay close attention to DC
Summary: DBCheck should pay close attention to DC
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Jo Sutton
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-17 08:19 UTC by Ricky
Modified: 2021-03-18 23:04 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ricky 2012-11-17 08:19:08 UTC
I joined my freenas box to the AD server the other day, but the join page was a bit confusing and had a field under the servers fields, but above the password fields called 'netbios name', which to me meant the netbios name of the server. Well the join appeared to work fine, until I noticed certain things not working on my main DC, when I asked about this in IRC, I found out that that field should actually contain the Netbios Name I wanted to join with. So I had completely broken the trust of my main DC to the rest of my system by joining freenas as the name of my main DC. It took a bit of work (and a great deal of help from Andrew Bartlet), but finally I rejoined the DC to the network and got my 2 DC's back in sync.

Andrew asked me to file a bug on this stating that the DBCheck should make sure that the DC is correct with its own NTDS settings, server and account objects and that it is in  sync with secrets.ldb.
Comment 1 Andrew Bartlett 2021-03-18 23:04:46 UTC
We should perhaps also simply refuse to have our own DC account broken by a client connecting to us.

This would be a divergence from Windows, but helpful I think.