From b8f19df53e66bf0260b4ae6c49acea87ac379deb Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Thu, 2 Dec 2010 00:42:21 +0100 Subject: s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug #7871) In a clustered environment, registering the set of ip addresses that are assigned to the interfaces of the node that performs the join does usually not have the desired effect, since the local interfaces do not carry complete set of the cluster's public IP addresses. And it can also contain internal addresses that should not be visible to the outside at all. In order to do dns updates in a clustererd setup, use net ads dns register. This fixes the net ads join part of bug #7871. Signed-off-by: Stefan Metzmacher --- source3/utils/net_ads.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'source3/utils') diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 0b2165d73f..8f0d2fb815 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -1407,6 +1407,23 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) } #if defined(WITH_DNS_UPDATES) + /* + * In a clustered environment, don't do dynamic dns updates: + * Registering the set of ip addresses that are assigned to + * the interfaces of the node that performs the join does usually + * not have the desired effect, since the local interfaces do not + * carry the complete set of the cluster's public IP addresses. + * And it can also contain internal addresses that should not + * be visible to the outside at all. + * In order to do dns updates in a clustererd setup, use + * net ads dns register. + */ + if (lp_clustering()) { + d_fprintf(stderr, _("Not doing automatic DNS update in a" + "clustered setup.\n")); + goto done; + } + if (r->out.domain_is_ad) { /* We enter this block with user creds */ ADS_STRUCT *ads_dns = NULL; @@ -1433,6 +1450,8 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) ads_destroy(&ads_dns); } #endif + +done: TALLOC_FREE(r); TALLOC_FREE( ctx ); -- cgit