Can I disallow DNS zone transfers?
In UCS by default a zone transfer from any of the UCS servers to any clients is allowed. This can be seen as a security risk.
When all servers in the UCS domain use samba4 as DNS backend (dns/backend=samba4) you can disallow the zone transfer by
ucr set dns/allow/transfer=none
On host which use ldap as DNS backend (
ucr set dns/backend=ldap) you should not disallow the zone transfer.
To reduce security risks a bug has been created.