Q1 . This in my opinion is a bug / security issue.
Anyone can reset any users password just by entering in there username since a new password is auto-generated and sent to the account email. This can cause problems for billing systems like whmcs which connect to an account to create new sub-accounts and will stop it working. Ideally the password should not be reset but a link sent to the account email to then go and reset the password so only the account email owner can reset the password.
Q2. SRV records do not seem to be being created in bind? Are they not supported?
Hi Marco – sorry for the delay replying! Nothing at all mentioned in logs as far as I can see. Yep we’ve tried adding by formatting it like that (tried every variation we could think of). When the SRV record is added, SolidCP says “Saving DNS Zone Record” but then the page refreshes and the SRV record isn’t there (and it’s not in the BIND .db file either). When we add the SRV record directly to the BIND .db file, it works fine (have tried copying and pasting from the BIND file and then trying to add another record within SolidCP and that still doesn’t work) but it looks like SolidCP isn’t able to add the SRV records directly (other DNS records work fine).
For SRV records the first importand thing is: how do you enter them?
As the record should be something like _service._tcp (with a dot in there and protocol behind it).
As Solidcp does not provide a specific protocol field it has to be added together in the service field.
the rest works pretty similar to others.
Hi Marco. We’re having the same problem as the original poster with BIND SRV records not working.
We use a few control panels (SolidCP, DirectAdmin, and CPanel) and DA+CPanel can add SRV records to our BIND nameservers fine but SolidCP can’t – we had the same problem with WebsitePanel before we upgraded to SolidCP too.
I can’t see anything in the logs throwing up any errors about why it’s not working, is there anything specifically you’d like me to look out for and send over?
Q1. From what i know A password reset url is possible if the Cloud Storage portal is setup however when a password request is sent the account is automatically locked out untill the password is reset as a security measure.
Please note this will still get WHMCS Out of sync, as to my knowledge the password does never update there.
Q2. I have not tested with bind only with MS DNS, however they are supposed to work. Do you have any dns logs / event viewer logs / audit logs that can help give any clues as to why it’s not working for you?
- Views791 times
- Answers5 answers