Kacper Wirski
2018-Jul-21 12:23 UTC
[Samba] samba 4.8 with bind - bugged dns entry in reverse lookup zone
Hello,

I stumbled upon a weird error/bug.

My setup:

4.8.3 AD on CentOS 7.5 (compiled from source).

BIND as DNS running on the AD DC with secure DNS updates set up and working. Most of the DNS updates are dynamic, some added manually using Windows DNS Manager.

One of the PTR entries in the reverse lookup zone went missing. It's not visible in Windows DNS Manager, it's nowhere to be found when running samba-tool dns query, BUT if I try to add it, I receive an error that this host already exists. I am certain I did create this entry a couple of months ago and it's the only one that went "rogue".

Any advice on how to proceed now? Where (and how) should I look for this bugged entry to correct it/remove it and add it again?

Regards,

Kacper
Kacper Wirski
2018-Jul-21 18:57 UTC
[Samba] samba 4.8 with bind - bugged dns entry in reverse lookup zone
Hello,

I found this bugged record with

ldbsearch -H path/to/samba/bind-dns/dns/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=SUBDOMAIN\,DC\=DOMAIN\,DC\=PL.ldb '(name=49)'

So I have a couple of questions - hopefully someone can shed some light:

- am I looking in the correct .ldb for bind-dns?
- can I remove this record? If yes, what's the best method? Should samba and/or bind be stopped? As I have 2 DCs, is editing on one enough? Should both be stopped?

Regards,

Kacper

On 21.07.2018 at 14:23, Kacper Wirski via samba wrote:

> Hello,
>
> I stumbled upon weird error/bug.
>
> My setup:
>
> 4.8.3 AD on centos 7.5 (compiled from source).
>
> BIND as dns running on AD DC with secure dns updates setup and
> working. Most of the DNS updates are dynamic, some added manually
> using windows DNS manager.
>
> One of the PTR entries in reverse lookup zone went missing. It's not
> visible in the windows DNS manager, it's nowhere to be found when
> running samba-tool dns query, BUT if I try to add it, I receive error,
> that this host already exists. I am certain I did create this entry a
> couple months ago and it's the only one that went "rogue".
>
> Any advice, how to proceed now? Where (and how) should I look for this
> bugged entry to correct it/remove it and add again?
>
>
> Regards,
>
> Kacper
Rowland Penny
2018-Jul-21 19:24 UTC
[Samba] samba 4.8 with bind - bugged dns entry in reverse lookup zone
On Sat, 21 Jul 2018 20:57:07 +0200 Kacper Wirski via samba <samba at lists.samba.org> wrote:

> Hello,
>
> I found this bugged record with
>
> ldbsearch -H
> path/to/samba/bind-dns/dns/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=SUBDOMAIN\,DC\=DOMAIN\,DC\=PL.ldb
> '(name=49)'
>
> So I have a couple of questions - hopefully someone can shed some
> light:
>
> - am I looking in correct .ldb for bind-dns?

No, only operate on sam.ldb, you need the '--cross-ncs' option to ldbsearch.

> - can I remove this record?

Yes, provided it is the correct record.

> If yes what's the best method?

ldbdelete ?

> Should
> samba and/or bind be stopped?

Neither should need to be stopped.

> As I have 2 DC's, is editing on one enough?

Yes, the change should be replicated to the other.

> Should both be stopped?

No, you shouldn't need to stop either.

Rowland
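
The search Rowland describes, as an added example that is not part of the original thread: it queries the main sam.ldb with --cross-ncs, rejoins DNs that ldbsearch folds across LDIF lines, and prints an ldbdelete command for review only when exactly one record matches. The SAM_LDB path is a placeholder, the objectClass=dnsNode filter term is an addition to the poster's '(name=49)' filter, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. SAM_LDB is a placeholder: point it at
# the DC's main sam.ldb, not at a partition file under sam.ldb.d/.
SAM_LDB="${SAM_LDB:-/path/to/samba/private/sam.ldb}"

# Print one DN per line for every dnsNode whose name is $1, searching all
# naming contexts (the DNS application partitions included).
find_dns_nodes() {
    ldbsearch -H "$SAM_LDB" --cross-ncs "(&(objectClass=dnsNode)(name=$1))" dn |
    awk '
        /^dn: /          { if (dn != "") print dn; dn = substr($0, 5); next }
        /^ / && dn != "" { dn = dn substr($0, 2); next }  # folded LDIF line
                         { if (dn != "") print dn; dn = "" }
        END              { if (dn != "") print dn }
    '
}

# Print (do not run) the ldbdelete command for the record named $1.
# Refuses unless exactly one record matches, so the operator can confirm
# it is the correct record before deleting anything.
# The body is a subshell, so "exit" only leaves this function.
plan_delete() (
    dns=$(find_dns_nodes "$1")
    count=$(printf '%s\n' "$dns" | grep -c . || true)
    if [ "$count" -ne 1 ]; then
        echo "expected exactly 1 dnsNode named '$1', found $count:" >&2
        [ -n "$dns" ] && printf '  %s\n' "$dns" >&2
        exit 1
    fi
    printf "ldbdelete -H '%s' '%s'\n" "$SAM_LDB" "$dns"
)
```
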