s3:net: disable dynamic dns updates at the end of "net ads join" in a cluster (bug...

In a clustered environment, registering the set of ip addresses that are
assigned to the interfaces of the node that performs the join does usually
not have the desired effect, since the local interfaces do not carry
complete set of the cluster's public IP addresses.  And it can also contain
internal addresses that should not be visible to the outside at all.
In order to do dns updates in a clustererd setup, use net ads dns register.

This fixes the net ads join part of bug #7871.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit b8f19df53e66bf0260b4ae6c49acea87ac379deb)
(cherry picked from commit 1c73d52ddddfcec25cf079da4a0d6bf81fb030da)
(cherry picked from commit ae5ba417d3599cf6ad81a9612e7998a30d8a4061)

diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 6b354ed66f598a38569249a446ef6f305c53c3c4..8c04eda788882617a4418ef25e4aadbd28851080 100644 (file)
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -1380,6 +1380,23 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
        }
 
 #if defined(WITH_DNS_UPDATES)
+       /*
+        * In a clustered environment, don't do dynamic dns updates:
+        * Registering the set of ip addresses that are assigned to
+        * the interfaces of the node that performs the join does usually
+        * not have the desired effect, since the local interfaces do not
+        * carry the complete set of the cluster's public IP addresses.
+        * And it can also contain internal addresses that should not
+        * be visible to the outside at all.
+        * In order to do dns updates in a clustererd setup, use
+        * net ads dns register.
+        */
+       if (lp_clustering()) {
+               d_fprintf(stderr, _("Not doing automatic DNS update in a"
+                                   "clustered setup.\n"));
+               goto done;
+       }
+
        if (r->out.domain_is_ad) {
                /* We enter this block with user creds */
                ADS_STRUCT *ads_dns = NULL;
@@ -1406,6 +1423,8 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
                ads_destroy(&ads_dns);
        }
 #endif
+
+done:
        TALLOC_FREE(r);
        TALLOC_FREE( ctx );