Enhancement #2729

Use DNS A record to locate AD controllers

Added by Davide Principi over 7 years ago. Updated about 7 years ago.

Status: CLOSED
Start date:
Priority: Normal
Due date:
Assignee: -
% Done: 100%
Category: nethserver-mail-server
Target version: v6.5
Resolution:
NEEDINFO: No

Description

Currently Dovecot, Postfix and SOGo templates use output from net ads info command to obtain DC information.

As explained in How DNS Support for Active Directory Works, DNS can be used to obtain such information. The DC address is returned by an A query to "domainname".

This allows a simple re-implementation of those templates that is not sensitive to environments with more than one controller (MS DNS uses weights and possibly round-robin policy).


Related issues

Related to NethServer 6 - Enhancement #2727: Configurable AD accounts LDAP subtree CLOSED

Associated revisions

Revision b0530114
Added by Davide Principi over 7 years ago

Use DNS host (A) Records Registered by Net Logon. Refs #2729

Simplifies the resolution of domain controllers' IP addresses.

Revision 2f6345f4
Added by Davide Principi over 7 years ago

Active directory: use static configuration. Refs #2729 #2727

- Use DNS A record, to resolve domain controllers IP.
- Enhanced AdsLdapServer prop, allowing specification of PROTO and
PORT.
- Added AdsCredentials DB default.
- Use smb/AdsLdapAccountsBranch as search base for accounts

History

#1 Updated by Davide Principi over 7 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#2 Updated by Davide Principi over 7 years ago

TODO Documentation

In nethserver-sogo add/update description for the following props:
  • AdsCredentials
  • AdsLdapServer

#3 Updated by Davide Principi over 7 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test case

After upgrading you must find the realm or the machine domain name (i.e. adnethesis.it) in the following config files:

    # grep adnethesis.it /etc/dovecot/active-directory.conf /etc/postfix/active-directory*
    /etc/dovecot/active-directory.conf:uris = ldap://adnethesis.it:389
    /etc/postfix/active-directory-groups:server_host = adnethesis.it
    /etc/postfix/active-directory-users:server_host = adnethesis.it
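
A stricter form of the grep check above, as an added example (not NethServer's own code): it parses the `uris` and `server_host` settings and reports whether each file names the realm, so that DNS selects the controller, or pins an IP address or another hostname. The file contents are constructed from the grep output shown, and the function names are hypothetical.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: contents of the three files named in the test case.
SAMPLE_FILES = {
    "/etc/dovecot/active-directory.conf": "uris = ldap://adnethesis.it:389\n",
    "/etc/postfix/active-directory-groups": "server_host = adnethesis.it\n",
    "/etc/postfix/active-directory-users": "server_host = adnethesis.it\n",
}

# Dovecot names its LDAP servers in "uris", Postfix in "server_host".
SETTING = re.compile(r"^\s*(?:uris|server_host)\s*=\s*(.+?)\s*$", re.MULTILINE)


def ldap_hosts(text):
    """Return the lower-cased host of every server listed in the settings."""
    hosts = []
    for value in SETTING.findall(text):
        for item in re.split(r"[\s,]+", value):
            if not item:
                continue
            # Accept a bare host[:port] as well as a full LDAP URI.
            if "://" not in item:
                item = "ldap://" + item
            hosts.append((urlsplit(item).hostname or "").lower())
    return hosts


def classify(host, realm):
    """'realm' if DNS picks the controller, otherwise how it was pinned."""
    if host == realm.lower():
        return "realm"
    try:
        ipaddress.ip_address(host)
        return "pinned-ip"
    except ValueError:
        return "other-host"


def audit(files, realm):
    """Map each path to the classification of every server it names."""
    return {path: [classify(h, realm) for h in ldap_hosts(text)] or ["missing"]
            for path, text in files.items()}


def passes(files, realm):
    """True only if every file names the realm and nothing else."""
    return all(k == "realm" for kinds in audit(files, realm).values() for k in kinds)
```

On a real host, build the `files` mapping by reading the three paths and pass the machine's realm as `realm`.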

#4 Updated by Davide Principi over 7 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-sogo-1.3.0-3.0gitb0e1dd4b.ns6.noarch.rpm
nethserver-samba-1.4.2-3.0git6ceaca1a.ns6.noarch.rpm
nethserver-mail-server-1.6.4-7.0gitad134a1f.ns6.noarch.rpm

#5 Updated by Nicola Rauso about 7 years ago

  • Assignee set to Nicola Rauso

#6 Updated by Nicola Rauso about 7 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Nicola Rauso)
  • % Done changed from 70 to 90

Tested: ok

#7 Updated by Giacomo Sanchietti about 7 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

Released in nethserver-updates:
  • nethserver-samba-1.4.3-1.ns6.noarch.rpm
  • nethserver-sogo-1.4.0-1.ns6.noarch.rpm
  • nethserver-mail-server-1.7.0-1.ns6.noarch.rpm
