tickets with wrong DNS

Brandon Allbery ballbery at sinenomine.net
Sat Jun 7 10:31:44 EDT 2014


On Sat, 2014-06-07 at 16:13 +0200, steve wrote:
> We have a Samba4 domain with some Linux clients joined under DHCP. We
> are updating their DNS records via the nsupdate facility in SSSD. All is
> fine, but the worrying issue is that the machines still function even
> with the wrong rr registered in dns. Is this correct behaviour?

Nowhere near enough information to even guess... but Windows domains
(and therefore samba4) tend to use Kerberos principals based on the
netbios name instead of DNS name, so it's not unlikely. As to the more
unixy stuff, if the machine(s) in question aren't servers, they likely
don't care much about their DNS entries; the only common service that
does is the MTA (sendmail/postfix/etc.), and these days it's rare for
clients to run their own MTAs in anything but local queueing mode where
a hosts file entry is generally good enough.

-- 
brandon s allbery kf8nh                           sine nomine associates
allbery.b at gmail.com                              ballbery at sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad    http://sinenomine.net




More information about the Kerberos mailing list