mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
443ecbc29e
When definining a topology of a forest to be visible over a cross-forest trust, we set *.<forest name> as all-catch top level name already. This means that all DNS subdomains of the forest will already be matched by this top level name (TLN). If we add more TLNs for subdomains, Active Directory will respond with NT_STATUS_INVALID_PARAMETER. Filter out all subdomains of the forest root domain. All other realm domains will be added with explicit TLN records. Also filter out single label domains. These aren't possible to add as TLNs to Windows Server 2016 as it considers them incorrect. Given that we do not allow single lable domains as part of freeIPA installs, this is another layer of protection here. Fixes https://pagure.io/freeipa/issue/6666 Reviewed-By: Christian Heimes <cheimes@redhat.com> |
||
---|---|---|
.. | ||
advise | ||
dnssec | ||
install | ||
plugins | ||
secrets | ||
__init__.py | ||
dcerpc.py | ||
dns_data_management.py | ||
Makefile.am | ||
p11helper.py | ||
rpcserver.py | ||
servroles.py | ||
setup.cfg | ||
setup.py | ||
topology.py |