Skip to content

Add AD-Legacy zone fallback for --add-dns-record#2140

Open
Q2Flc2FySec wants to merge 1 commit intofortra:masterfrom
Q2Flc2FySec:dns_legacy_zone
Open

Add AD-Legacy zone fallback for --add-dns-record#2140
Q2Flc2FySec wants to merge 1 commit intofortra:masterfrom
Q2Flc2FySec:dns_legacy_zone

Conversation

@Q2Flc2FySec
Copy link
Contributor

@Q2Flc2FySec Q2Flc2FySec commented Mar 10, 2026

Currently, --add-dns-record only attempts to create DNS records in the AD-Domain partition (DomainDnsZones). This fails on environments where DNS is stored in the AD-Legacy partition (CN=MicrosoftDNS,CN=System).

This PR adds a fallback mechanism: if creating a record in the AD-Domain partition fails, it automatically retries against the AD-Legacy partition. The duplicate-check and subsequent NS record creation (for wpad) are also aware of both partitions to ensure consistency.

Changes:

  • Define dns_base_dn_legacy alongside the existing dns_base_dn
  • Extend the existing-record check to cover both partitions
  • Wrap A record creation in a fallback: AD-Domain → AD-Legacy
  • Track which partition succeeded (active_dns_base_dn) so the NS record is placed in the same location

added dns legacy zone support
7c28455 
Signed-off-by: Thomas Caesar <thomas.caesar@sva.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Q2Flc2FySec