samba - Oct 2021 - Device ends up with multiple dns records and IP addresses

On Wed, 2021-10-20 at 11:40 +0100, Sebastian Arcus via samba
wrote:
> I have a server with:
> 
> Samba 4.9.4 in AD mode
> Bind 9.14.2
> ISC Dhcpd 4.4.1
> 
> Samba is configured to use Bind for the dns back-end, and dynamic
> dns 
> updates from dhcpd->Samba->Bind are configured using the script at
> Samba.org
> 
> I have this strange situation where one of the printers has ended up 
> with 11 records in the dns back-end:
> 
> # host SEC001599AB9439
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.184
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.176
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.179
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.144
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.241
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.229
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.231
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.172
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.177
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.235
> SEC001599AB9439.ihs-uk.lan has address 192.168.51.182
> 
> In order to start troubleshooting, I can't get my head around which 
> software is not working properly. Is it the job of dhcpd not to allow
> a 
> same device to request a different IP, or is it the Samba script, or 
> Samba, or Bind? Which one should normally prevent this from
> happening? 
> Thank you much for any suggestions.
Sorry to be so long in replying.

Not sure what is going on here.

dhcp passes the full ipaddress to the update script e.g. 192.168.0.56

in the 'add' case, any existing 'A' record for the computer is
obtained
by running 'samba-tool dns query'. If no record is found, a new one is
added. If an 'A' record that matches the supplied ipaddress is found,
then nothing happens. finally, if the ipaddress found by samba-tool is
different from the ipaddress passed to the script, then the existing
'A' record is deleted and a new one added.

Is there any way that the printer is updating its own record ?

Rowland

On 22/10/2021 16:28, Rowland Penny via samba wrote:
> On Wed, 2021-10-20 at 11:40 +0100, Sebastian Arcus via samba wrote:
>> I have a server with:
>>
>> Samba 4.9.4 in AD mode
>> Bind 9.14.2
>> ISC Dhcpd 4.4.1
>>
>> Samba is configured to use Bind for the dns back-end, and dynamic
>> dns
>> updates from dhcpd->Samba->Bind are configured using the script
at
>> Samba.org
>>
>> I have this strange situation where one of the printers has ended up
>> with 11 records in the dns back-end:
>>
>> # host SEC001599AB9439
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.184
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.176
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.179
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.144
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.241
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.229
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.231
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.172
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.177
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.235
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.182
>>
>> In order to start troubleshooting, I can't get my head around which
>> software is not working properly. Is it the job of dhcpd not to allow
>> a
>> same device to request a different IP, or is it the Samba script, or
>> Samba, or Bind? Which one should normally prevent this from
>> happening?
>> Thank you much for any suggestions.
> 
> Sorry to be so long in replying.
> 
> Not sure what is going on here.
> 
> dhcp passes the full ipaddress to the update script e.g. 192.168.0.56
> 
> in the 'add' case, any existing 'A' record for the computer
is obtained
> by running 'samba-tool dns query'. If no record is found, a new one
is
> added. If an 'A' record that matches the supplied ipaddress is
found,
> then nothing happens. finally, if the ipaddress found by samba-tool is
> different from the ipaddress passed to the script, then the existing
> 'A' record is deleted and a new one added.
> 
> Is there any way that the printer is updating its own record ?
Thank you for getting back to me with the detailed info. I guess I must 
have an older version of the script, as the 'add' case uses the 
following code to obtain the A record for the computer (at the top it 
reads v0.9.0):

     # does host have an existing 'A' record ?
     A_REC=$(host -t A "${name}" | awk '{print $NF}')

Still, I'm not sure how the above could have resulted in multiple
'A'
records.

Regarding your question, I can't really think how the printer would be 
able to update its own dns record. It is a Samsung SCX-4833FD - and I 
can't see how it would have the authority to ask Bind or Samba to update 
the record directly. Even if it tried, I believe it would be refused - I 
think?

I am a bit mystified by all this. I deleted all the A records for this 
printer, and let it renew its IP address. It's been 4 days and I've just
checked - it still has only one A record.

I guess I'll keep an eye on things, and if it happens again, I will try 
to run the ddns update script by hand, and see if I can figure out what 
is happening.

Still, your explanation above was very useful - thank you again for 
taking the time.

Sebastian