action #57308

Domain names are restricted to two parts

Added by hgraeber 6 months ago. Updated 6 months ago.

Status:WorkableStart date:24/09/2019
Priority:NormalDue date:
Assignee:flacco% Done:

0%

Category:Feature
Target version:Future
Duration:

Description

Domain names in invis-server are restricted to exactly two components, for example "ad.loc".

The samba wiki suggests the use a subdomain of a public domain name for active directory. This will result in name like "ad.mysite.net" for the domain resp. "server.ad.mysite.de" for the server, where "mysite.net" is the public domain name.

This is not possible with invis-server. Sometimes the full name will be used, sometimes "ad.mysite" is used instead. For example, LDAP will use dc=ad,dc=mysite. With this some components of invis server do not work. Using the portal results in invalid LDAP credentials and other anomalies I have (e. g. dhcpd doesn't run), may be a consequence of this restriction, too.

A short term solution may be to check the domain name during setup, so that it contains exactly one ".". A long term solution will be to drop the restriction alltogether.

History

#1 Updated by flacco 6 months ago

  • Project changed from invis-server to invisAD-setup
  • Category set to Feature
  • Status changed from New to Workable
  • Assignee set to flacco
  • Target version set to Future

Absolutly your point.

We know about this invis-Server restriction and should work on this. I will have a look at it after my vacation.

Also available in: Atom PDF