On 10/08/2016 08:59 PM, Paul R. Ganci via samba wrote:
> I just changed a DNS/rDNS record using samba-tool. According to
> samba-tool the change actually occurred. I can query the new record:
>
> > samba-tool dns query nikita.samdom.example.com samdom.example.com
> dc1 ALL
> Name=, Records=1, Children=0
> A: 192.168.1.6 (flags=f0, serial=149, ttl=900)
>
> Similarly the rDNS shows:
>
> samba-tool dns query nikita.samdom.example.com 1.168.192.in-addr.arpa
> 6.1.168.192.in-addr.arpa ALL
> Name=, Records=1, Children=0
> PTR: dc1.samdom.example.com (flags=f0, serial=108, ttl=900)
>
> But named says otherwise:
>
> > dig -x 192.168.1.6 +short @nikita.samdom.example.com
> www-new.samdom.example.com.
>
> > dig dc1.samdom.example.com +short @nikita.samdom.example.com
>
> > dig www-new.samdom.example.com +short @nikita.samdom.example.com
> 192.168.1.6
>
> I had this happen once before and had to do something to force the
> change. I don't remember what or why. Can anyone help? I would love to
> get this problem fixed so it doesn't occur again.
>
Maybe I found the root problem. I went back to backups to find the
command I used the last time this issue occurred.

> samba_upgradedns --dns-backend=BIND9_DLZ
Reading domain information
DNS accounts already exist
No zone file /var/lib/samba/private/dns/SAMDOM.EXAMPLE.COM.zone
DNS records will be automatically created
DNS partitions already exist
dns-nikita account already exists
See /var/lib/samba/private/named.conf for an example configuration
include file for BIND
and /var/lib/samba/private/named.txt for further documentation required
for secure DNS updates
Finished upgrading DNS
You have switched to using BIND9_DLZ as your dns backend, but still have
the internal dns starting. Please make sure you add '-dns' to your
server services line in your smb.conf.

I added the -dns to the smb.conf, restarted samba-ad and named and now
it seems like the DNS changes took effect:

> dig dc1.samdom.example.com +short
192.168.1.6
> dig -x 192.168.1.6 +short
dc1.samdom.example.com.

I am not sure why I had to do the above. Back when I provisioned the
domain with samba-4.0 I definitely provisioned to use the bind back-end. I
guess things have evolved now that samba-4.4.6 is running.
--
Paul (ganci at nurdog.com)
Cell: (303)257-5208
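
Added example (not part of the original post or of Samba): a small Python check for the two conditions seen in this thread, records in the AD database that differ from what the name server answers, and an smb.conf that still starts the internal DNS service. All function names are hypothetical, the sample strings are constructed from the output quoted above, and the handling of `server services` assumes the +/- prefix semantics described in the smb.conf manual.

```python
import re

# Record lines as printed by `samba-tool dns query`, e.g.
#   A: 192.168.1.6 (flags=f0, serial=149, ttl=900)
RECORD_RE = re.compile(r"^\s*(?:A|AAAA|PTR|CNAME):\s+(\S+)\s+\(flags=", re.M)
SERVICES_RE = re.compile(r"^\s*server\s+services\s*=\s*(.*)$", re.I | re.M)

def norm(value):
    """Lower-case and drop the trailing root dot so names compare equal."""
    return value.strip().lower().rstrip(".")

def ad_records(samba_tool_output):
    """Values stored in the AD DNS partition, as reported by samba-tool."""
    return {norm(v) for v in RECORD_RE.findall(samba_tool_output)}

def served_records(dig_short_output):
    """Answers from `dig +short`: one per line, possibly none."""
    return {norm(l) for l in dig_short_output.splitlines() if l.strip()}

def drift(samba_tool_output, dig_short_output):
    """Return (missing_from_dns, unexpected_in_dns); two empty lists = in sync."""
    ad, served = ad_records(samba_tool_output), served_records(dig_short_output)
    return sorted(ad - served), sorted(served - ad)

def internal_dns_enabled(smb_conf_text):
    """True if samba's built-in DNS service would start with this smb.conf."""
    m = SERVICES_RE.search(smb_conf_text)
    if not m:
        return True  # 'dns' is in the default 'server services' list
    items = [s.lower() for s in re.split(r"[,\s]+", m.group(1)) if s]
    if items and all(s[0] in "+-" for s in items):
        return "-dns" not in items  # +/- entries adjust the default list
    return "dns" in items  # a plain list replaces the default

# Constructed samples based on the output quoted in the post above.
AD_PTR = ("Name=, Records=1, Children=0\n"
          "  PTR: dc1.samdom.example.com (flags=f0, serial=108, ttl=900)\n")
DIG_PTR_BEFORE = "www-new.samdom.example.com.\n"
DIG_PTR_AFTER = "dc1.samdom.example.com.\n"

if __name__ == "__main__":
    print("before:", drift(AD_PTR, DIG_PTR_BEFORE))
    print("after: ", drift(AD_PTR, DIG_PTR_AFTER))
    print("internal dns on:", internal_dns_enabled("[global]\nserver services = -dns\n"))
```

On a live DC the two text arguments would come from `samba-tool dns query ...` and `dig ... +short` for the same name; a non-empty result together with `internal_dns_enabled()` returning True on a BIND9_DLZ setup matches the situation described in the post.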