Bug 9902 - Internal DNS should not do a cross-NC search for dnsZone objects
Status: NEW
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: DNS server
Version: unspecified
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Kai Blin
QA Contact: Samba QA Contact
Reported: 2013-05-25 10:29 UTC by Kai Blin
Modified: 2014-07-29 11:01 UTC

Description Kai Blin 2013-05-25 10:29:20 UTC
Internal dns_server does a cross-ncs search for all dnsZone objects.

This is wrong, as if there is more than 1 domain and the DC is a GC then it will
have a (partial) replica of the DomainDNS zone for the other domain. Also, tests
against Windows have shown that a cross-ncs search didn't search into application
partitions:

./bin/ldbsearch -H ldap://172.16.100.244 -Uadministrator%totoTATA123 --cross-ncs '(objectclass=dnszone)' dn
# record 1
dn: DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=w2k3,DC=home,DC=matws,DC=net

# returned 1 records
# 1 entries
# 0 referrals
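
The scoping problem described in this report, as an added example that is not Samba's code and not part of the original report: it filters the dnsZone DNs a cross-NC search returns down to those under explicit DNS search bases. The example.com/child.example.com names, the sample result list and the choice of the three standard AD DNS containers as bases are assumptions made for illustration.

```python
import re

# Constructed sample: what a cross-NC search for (objectclass=dnszone) might
# return on a GC in the forest root domain that also holds a partial replica
# of a child domain. All names are hypothetical.
SAMPLE_RESULTS = [
    "DC=example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=example,DC=com",
    "DC=_msdcs.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=example,DC=com",
    "DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=example,DC=com",
    # Zone from the other domain's partition, visible only via the GC replica.
    "DC=child.example.com,CN=MicrosoftDNS,CN=System,DC=child,DC=example,DC=com",
]


def split_dn(dn):
    """Split a DN into lower-cased RDNs; a comma escaped as '\\,' is not a separator."""
    return [rdn.strip().lower() for rdn in re.split(r"(?<!\\),", dn)]


def dns_search_bases(domain_dn, forest_dn):
    """Containers where AD-integrated DNS zones live (assumed set of bases)."""
    return [
        "CN=MicrosoftDNS,DC=DomainDnsZones," + domain_dn,
        "CN=MicrosoftDNS,DC=ForestDnsZones," + forest_dn,
        "CN=MicrosoftDNS,CN=System," + domain_dn,
    ]


def is_under(dn, base):
    """True if dn is a strict descendant of base, compared RDN by RDN."""
    d, b = split_dn(dn), split_dn(base)
    return len(d) > len(b) and d[-len(b):] == b


def zones_in_scope(zone_dns, domain_dn, forest_dn):
    """Keep only zones under the local DNS bases, dropping other domains' zones."""
    bases = dns_search_bases(domain_dn, forest_dn)
    return [dn for dn in zone_dns if any(is_under(dn, b) for b in bases)]


if __name__ == "__main__":
    for dn in zones_in_scope(SAMPLE_RESULTS, "DC=example,DC=com", "DC=example,DC=com"):
        print(dn)
```

The child domain's DN ends in the root domain's DN, so a plain string-suffix or whole-domain subtree match would still admit its zone; matching against the specific containers RDN by RDN is what excludes it.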