Hi Maxence,> Fyi, i've updated to 4.7.1, the dbcheck still not fix the broken links, > is the fix you talk about planned for a future release ? > > Our customer reported me, some users have issues when their logon server > is DC1 but not when it's DC2. > > On DC1 some users have access to all shares, some doesn't have any > access at all.actually this last symptom was the one that got us to hack quickly a solution for the issue with orphaned backlink attribute 'memberOf'. You'll probably have to do some cleanup as I pointed out in my last mail. The bugzilla entry [1] you mentioned and corresponding patch prevents the problem from happening, but I don't think it fixes it. Cheers, Denis [1] https://bugzilla.samba.org/show_bug.cgi?id=13095> > > > On 11/02/2017 04:38 PM, Andrew Bartlett wrote: >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via samba wrote: >>> >> No worries. >> >> Andrew Bartlett >> >-- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr
Hello. To follow-up this issue, since the upgrade, when i do a named reload it crash, look like there's duplicated zones. Here's the log when i trigger a reload nov 05 03:09:02 data.contoso.com named[2807]: received control channel command 'reload' nov 05 03:09:02 data.contoso.com named[2807]: loading configuration from '/etc/named.conf' nov 05 03:09:02 data.contoso.com named[2807]: reading built-in trusted keys from file '/etc/named.iscdlv.key' nov 05 03:09:02 data.contoso.com named[2807]: initializing GeoIP Country (IPv4) (type 1) DB nov 05 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1 Copyright (c) 2016 MaxMind nov 05 03:09:02 data.contoso.com named[2807]: initializing GeoIP Country (IPv6) (type 12) DB nov 05 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1 Copy nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv4) (type 2) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv4) (type 6) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv6) (type 30) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv6) (type 31) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region (type 3) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region (type 7) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP ISP (type 4) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Org (type 5) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP AS (type 9) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Domain (type 11) DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP NetSpeed (type 10) DB not available nov 05 03:09:02 data.contoso.com named[2807]: using default UDP/IPv4 port range: [1024, 65535] nov 05 03:09:02 data.contoso.com named[2807]: using default UDP/IPv6 port range: [1024, 65535] nov 05 03:09:02 data.contoso.com named[2807]: sizing zone task pool based on 6 zones nov 05 03:09:02 data.contoso.com named[2807]: Loading 'AD DNS Zone' using driver dlopen nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: starting configure nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone 'ratchet.com' from 'DC=@,DC=ratchet.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone '17.172.in-addr.arpa' from 'DC=@,DC=17.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone 'johndoe.com' from 'DC=@,DC=johndoe.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone 'contoso.com' from 'DC=@,DC=contoso.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone '_msdcs.contoso.com' from 'DC=@,DC=_msdcs.contoso.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: using built-in DLV key for view _default nov 05 03:09:02 data.contoso.com named[2807]: automatic empty zone: 10.IN-ADDR.ARPA nov 05 03:09:02 data.contoso.com named[2807]: automatic empty zone: 16.172.IN-ADDR.ARPA .... nov 05 03:09:02 data.contoso.com named[2807]: automatic empty zone: 110.100.IN-ADDR.ARPA nov 05 03:09:02 data.contoso.com systemd[1]: named.service: main process exited, code=killed, status=6/ABRT nov 05 03:09:02 data.contoso.com sh[24531]: kill: échec de changement de d'envoi de signal vers 2807: Aucun processus de ce type nov 05 03:09:02 data.contoso.com systemd[1]: named.service: control process exited, code=exited status=1 nov 05 03:09:02 data.contoso.com sh[24537]: Utilisation : nov 05 03:09:02 data.contoso.com sh[24537]: kill [options] <pid|nom> [...] nov 05 03:09:02 data.contoso.com sh[24537]: Options : nov 05 03:09:02 data.contoso.com sh[24537]: -a, --all ne pas restreindre la conversion de nom en PID aux nov 05 03:09:02 data.contoso.com sh[24537]: processus avec le même UID que le processus actuel nov 05 03:09:02 data.contoso.com sh[24537]: -s, --signal <sig> envoyer le signal indiqué nov 05 03:09:02 data.contoso.com sh[24537]: -q, --queue <sig> utiliser sigqueue(2) au lieu de kill(2) nov 05 03:09:02 data.contoso.com sh[24537]: -p, --pid afficher les PID sans leur envoyer de signal nov 05 03:09:02 data.contoso.com sh[24537]: -l, --list [=<signal>] afficher les noms de signal, ou en convertir un en nom nov 05 03:09:02 data.contoso.com sh[24537]: -L, --table afficher les noms et numéros de signal nov 05 03:09:02 data.contoso.com sh[24537]: -h, --help afficher cette aide et quitter nov 05 03:09:02 data.contoso.com sh[24537]: -V, --version afficher les informations de version et quitter nov 05 03:09:02 data.contoso.com sh[24537]: Consultez kill(1) pour obtenir des précisions complémentaires. nov 05 03:09:02 data.contoso.com systemd[1]: named.service: control process exited, code=exited status=1 nov 05 03:09:02 data.contoso.com systemd[1]: Reload failed for Berkeley Internet Name Domain (DNS). nov 05 03:09:02 data.contoso.com systemd[1]: Unit named.service entered failed state. nov 05 03:09:02 data.contoso.com systemd[1]: named.service failed. Is it related to Samba after the same bug ? If i remove the samba dlz part in the named config, it's fine. Thanks :) ----- Mail original ----- De: "Denis Cardon" <dcardon at tranquil.it> À: "Maxence Sartiaux" <msartiaux at it-optics.com>, "Andrew Bartlett" <abartlet at samba.org> Cc: samba at lists.samba.org Envoyé: Vendredi 3 Novembre 2017 11:02:18 Objet: Re: [Samba] corrupted db after upgrading to 4.7 Hi Maxence,> Fyi, i've updated to 4.7.1, the dbcheck still not fix the broken links, > is the fix you talk about planned for a future release ? > > Our customer reported me, some users have issues when their logon server > is DC1 but not when it's DC2. > > On DC1 some users have access to all shares, some doesn't have any > access at all.actually this last symptom was the one that got us to hack quickly a solution for the issue with orphaned backlink attribute 'memberOf'. You'll probably have to do some cleanup as I pointed out in my last mail. The bugzilla entry [1] you mentioned and corresponding patch prevents the problem from happening, but I don't think it fixes it. Cheers, Denis [1] https://bugzilla.samba.org/show_bug.cgi?id=13095> > > > On 11/02/2017 04:38 PM, Andrew Bartlett wrote: >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via samba wrote: >>> >> No worries. >> >> Andrew Bartlett >> >-- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr
Hai, This does not seem right. nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: starting configure nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone 'ratchet.com' from 'DC=@,DC=ratchet.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring duplicate zone '17.172.in-addr.arpa' from 'DC=@,DC=17.172.in- And DC=@ ? Did you remove the hostname or is this "as-is". Check if in bind9, if there is any configuration done for zones: ratchet.com and 17.172.in-addr.arpa Remove/remark, any configuration for that and try again. I suggest stop bind and samba and start again. Dont use reload/restart Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Maxence SARTIAUX via samba > Verzonden: maandag 6 november 2017 11:40 > Aan: Andrew Bartlett > CC: samba at lists.samba.org; Denis Cardon > Onderwerp: Re: [Samba] corrupted db after upgrading to 4.7 > > Hello. > > To follow-up this issue, since the upgrade, when i do a named > reload it crash, look like there's duplicated zones. > > Here's the log when i trigger a reload > > > nov 05 03:09:02 data.contoso.com named[2807]: received > control channel command 'reload' > nov 05 03:09:02 data.contoso.com named[2807]: loading > configuration from '/etc/named.conf' > nov 05 03:09:02 data.contoso.com named[2807]: reading > built-in trusted keys from file '/etc/named.iscdlv.key' > nov 05 03:09:02 data.contoso.com named[2807]: initializing > GeoIP Country (IPv4) (type 1) DB > nov 05 03:09:02 data.contoso.com named[2807]: GEO-106FREE > 20160607 Build 1 Copyright (c) 2016 MaxMind > nov 05 03:09:02 data.contoso.com named[2807]: initializing > GeoIP Country (IPv6) (type 12) DB > nov 05 03:09:02 data.contoso.com named[2807]: GEO-106FREE > 20160607 Build 1 Copy > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City > (IPv4) (type 2) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City > (IPv4) (type 6) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City > (IPv6) (type 30) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City > (IPv6) (type 31) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region > (type 3) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region > (type 7) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP ISP (type > 4) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Org (type > 5) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP AS (type > 9) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Domain > (type 11) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP NetSpeed > (type 10) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: using default > UDP/IPv4 port range: [1024, 65535] > nov 05 03:09:02 data.contoso.com named[2807]: using default > UDP/IPv6 port range: [1024, 65535] > nov 05 03:09:02 data.contoso.com named[2807]: sizing zone > task pool based on 6 zones > nov 05 03:09:02 data.contoso.com named[2807]: Loading 'AD DNS > Zone' using driver dlopen > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > starting configure > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > Ignoring duplicate zone 'ratchet.com' from > 'DC=@,DC=ratchet.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=cont > oso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > Ignoring duplicate zone '17.172.in-addr.arpa' from > 'DC=@,DC=17.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones > ,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > Ignoring duplicate zone 'johndoe.com' from > 'DC=@,DC=johndoe.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=cont > oso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > Ignoring duplicate zone 'contoso.com' from > 'DC=@,DC=contoso.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=cont > oso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > Ignoring duplicate zone '_msdcs.contoso.com' from > 'DC=@,DC=_msdcs.contoso.com,CN=MicrosoftDNS,DC=ForestDnsZones, > DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: using built-in > DLV key for view _default > nov 05 03:09:02 data.contoso.com named[2807]: automatic empty > zone: 10.IN-ADDR.ARPA > nov 05 03:09:02 data.contoso.com named[2807]: automatic empty > zone: 16.172.IN-ADDR.ARPA > .... > nov 05 03:09:02 data.contoso.com named[2807]: automatic empty > zone: 110.100.IN-ADDR.ARPA > nov 05 03:09:02 data.contoso.com systemd[1]: named.service: > main process exited, code=killed, status=6/ABRT > nov 05 03:09:02 data.contoso.com sh[24531]: kill: échec de > changement de d'envoi de signal vers 2807: Aucun processus de ce type > nov 05 03:09:02 data.contoso.com systemd[1]: named.service: > control process exited, code=exited status=1 > nov 05 03:09:02 data.contoso.com sh[24537]: Utilisation : > nov 05 03:09:02 data.contoso.com sh[24537]: kill [options] > <pid|nom> [...] > nov 05 03:09:02 data.contoso.com sh[24537]: Options : > nov 05 03:09:02 data.contoso.com sh[24537]: -a, --all > ne pas restreindre la conversion de nom en PID aux > nov 05 03:09:02 data.contoso.com sh[24537]: processus avec le > même UID que le processus actuel > nov 05 03:09:02 data.contoso.com sh[24537]: -s, --signal > <sig> envoyer le signal indiqué > nov 05 03:09:02 data.contoso.com sh[24537]: -q, --queue <sig> > utiliser sigqueue(2) au lieu de kill(2) > nov 05 03:09:02 data.contoso.com sh[24537]: -p, --pid > afficher les PID sans leur envoyer de signal > nov 05 03:09:02 data.contoso.com sh[24537]: -l, --list > [=<signal>] afficher les noms de signal, ou en convertir un en nom > nov 05 03:09:02 data.contoso.com sh[24537]: -L, --table > afficher les noms et numéros de signal > nov 05 03:09:02 data.contoso.com sh[24537]: -h, --help > afficher cette aide et quitter > nov 05 03:09:02 data.contoso.com sh[24537]: -V, --version > afficher les informations de version et quitter > nov 05 03:09:02 data.contoso.com sh[24537]: Consultez kill(1) > pour obtenir des précisions complémentaires. > nov 05 03:09:02 data.contoso.com systemd[1]: named.service: > control process exited, code=exited status=1 > nov 05 03:09:02 data.contoso.com systemd[1]: Reload failed > for Berkeley Internet Name Domain (DNS). > nov 05 03:09:02 data.contoso.com systemd[1]: Unit > named.service entered failed state. > nov 05 03:09:02 data.contoso.com systemd[1]: named.service failed. > > > > Is it related to Samba after the same bug ? > > If i remove the samba dlz part in the named config, it's fine. > > Thanks :) > > > > ----- Mail original ----- > De: "Denis Cardon" <dcardon at tranquil.it> > À: "Maxence Sartiaux" <msartiaux at it-optics.com>, "Andrew > Bartlett" <abartlet at samba.org> > Cc: samba at lists.samba.org > Envoyé: Vendredi 3 Novembre 2017 11:02:18 > Objet: Re: [Samba] corrupted db after upgrading to 4.7 > > Hi Maxence, > > > Fyi, i've updated to 4.7.1, the dbcheck still not fix the > broken links, > > is the fix you talk about planned for a future release ? > > > > Our customer reported me, some users have issues when their > logon server > > is DC1 but not when it's DC2. > > > > On DC1 some users have access to all shares, some doesn't have any > > access at all. > > actually this last symptom was the one that got us to hack quickly a > solution for the issue with orphaned backlink attribute 'memberOf'. > You'll probably have to do some cleanup as I pointed out in > my last mail. > > The bugzilla entry [1] you mentioned and corresponding patch prevents > the problem from happening, but I don't think it fixes it. > > Cheers, > > Denis > > [1] https://bugzilla.samba.org/show_bug.cgi?id=13095 > > > > > > > > > On 11/02/2017 04:38 PM, Andrew Bartlett wrote: > >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via > samba wrote: > >>> > >> No worries. > >> > >> Andrew Bartlett > >> > > > > -- > Denis Cardon > Tranquil IT Systems > Les Espaces Jules Verne, bâtiment A > 12 avenue Jules Verne > 44230 Saint Sébastien sur Loire > tel : +33 (0) 2.40.97.57.55 > http://www.tranquil-it-systems.fr > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On Mon, 6 Nov 2017 11:39:50 +0100 (CET) Maxence SARTIAUX via samba <samba at lists.samba.org> wrote:> Hello. > > To follow-up this issue, since the upgrade, when i do a named reload > it crash, look like there's duplicated zones. > > Here's the log when i trigger a reload > > > nov 05 03:09:02 data.contoso.com named[2807]: received control > channel command 'reload' nov 05 03:09:02 data.contoso.com > named[2807]: loading configuration from '/etc/named.conf' nov 05 > 03:09:02 data.contoso.com named[2807]: reading built-in trusted keys > from file '/etc/named.iscdlv.key' nov 05 03:09:02 data.contoso.com > named[2807]: initializing GeoIP Country (IPv4) (type 1) DB nov 05 > 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1 > Copyright (c) 2016 MaxMind nov 05 03:09:02 data.contoso.com > named[2807]: initializing GeoIP Country (IPv6) (type 12) DB nov 05 > 03:09:02 data.contoso.com named[2807]: GEO-106FREE 20160607 Build 1 > Copy nov 05 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv4) > (type 2) DB not available nov 05 03:09:02 data.contoso.com > named[2807]: GeoIP City (IPv4) (type 6) DB not available nov 05 > 03:09:02 data.contoso.com named[2807]: GeoIP City (IPv6) (type 30) DB > not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP > City (IPv6) (type 31) DB not available nov 05 03:09:02 > data.contoso.com named[2807]: GeoIP Region (type 3) DB not available > nov 05 03:09:02 data.contoso.com named[2807]: GeoIP Region (type 7) > DB not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP > ISP (type 4) DB not available nov 05 03:09:02 data.contoso.com > named[2807]: GeoIP Org (type 5) DB not available nov 05 03:09:02 > data.contoso.com named[2807]: GeoIP AS (type 9) DB not available nov > 05 03:09:02 data.contoso.com named[2807]: GeoIP Domain (type 11) DB > not available nov 05 03:09:02 data.contoso.com named[2807]: GeoIP > NetSpeed (type 10) DB not available nov 05 03:09:02 data.contoso.com > named[2807]: using default UDP/IPv4 port range: [1024, 65535] nov 05 > 03:09:02 data.contoso.com named[2807]: using default UDP/IPv6 port > range: [1024, 65535] nov 05 03:09:02 data.contoso.com named[2807]: > sizing zone task pool based on 6 zones nov 05 03:09:02 > data.contoso.com named[2807]: Loading 'AD DNS Zone' using driver > dlopen nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: > starting configure nov 05 03:09:02 data.contoso.com named[2807]: > samba_dlz: Ignoring duplicate zone 'ratchet.com' from > 'DC=@,DC=ratchet.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring > duplicate zone '17.172.in-addr.arpa' from > 'DC=@,DC=17.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring > duplicate zone 'johndoe.com' from > 'DC=@,DC=johndoe.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring > duplicate zone 'contoso.com' from > 'DC=@,DC=contoso.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: samba_dlz: Ignoring > duplicate zone '_msdcs.contoso.com' from > 'DC=@,DC=_msdcs.contoso.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=contoso,DC=com' > nov 05 03:09:02 data.contoso.com named[2807]: using built-in DLV key > for view _default nov 05 03:09:02 data.contoso.com named[2807]: > automatic empty zone: 10.IN-ADDR.ARPA nov 05 03:09:02 > data.contoso.com named[2807]: automatic empty zone: > 16.172.IN-ADDR.ARPA .... nov 05 03:09:02 data.contoso.com > named[2807]: automatic empty zone: 110.100.IN-ADDR.ARPA nov 05 > 03:09:02 data.contoso.com systemd[1]: named.service: main process > exited, code=killed, status=6/ABRT nov 05 03:09:02 data.contoso.com > sh[24531]: kill: échec de changement de d'envoi de signal vers 2807: > Aucun processus de ce type nov 05 03:09:02 data.contoso.com > systemd[1]: named.service: control process exited, code=exited > status=1 nov 05 03:09:02 data.contoso.com sh[24537]: Utilisation : > nov 05 03:09:02 data.contoso.com sh[24537]: kill [options] <pid|nom> > [...] nov 05 03:09:02 data.contoso.com sh[24537]: Options : nov 05 > 03:09:02 data.contoso.com sh[24537]: -a, --all ne pas > restreindre la conversion de nom en PID aux nov 05 03:09:02 > data.contoso.com sh[24537]: processus avec le même UID que le > processus actuel nov 05 03:09:02 data.contoso.com sh[24537]: -s, > --signal <sig> envoyer le signal indiqué nov 05 03:09:02 > data.contoso.com sh[24537]: -q, --queue <sig> utiliser > sigqueue(2) au lieu de kill(2) nov 05 03:09:02 data.contoso.com > sh[24537]: -p, --pid afficher les PID sans leur envoyer > de signal nov 05 03:09:02 data.contoso.com sh[24537]: -l, --list > [=<signal>] afficher les noms de signal, ou en convertir un en nom > nov 05 03:09:02 data.contoso.com sh[24537]: -L, --table > afficher les noms et numéros de signal nov 05 03:09:02 > data.contoso.com sh[24537]: -h, --help afficher cette aide et > quitter nov 05 03:09:02 data.contoso.com sh[24537]: -V, --version > afficher les informations de version et quitter nov 05 03:09:02 > data.contoso.com sh[24537]: Consultez kill(1) pour obtenir des > précisions complémentaires. nov 05 03:09:02 data.contoso.com > systemd[1]: named.service: control process exited, code=exited > status=1 nov 05 03:09:02 data.contoso.com systemd[1]: Reload failed > for Berkeley Internet Name Domain (DNS). nov 05 03:09:02 > data.contoso.com systemd[1]: Unit named.service entered failed state. > nov 05 03:09:02 data.contoso.com systemd[1]: named.service failed. > > > > Is it related to Samba after the same bug ? > > If i remove the samba dlz part in the named config, it's fine. > > Thanks :) > > > > ----- Mail original ----- > De: "Denis Cardon" <dcardon at tranquil.it> > À: "Maxence Sartiaux" <msartiaux at it-optics.com>, "Andrew Bartlett" > <abartlet at samba.org> Cc: samba at lists.samba.org > Envoyé: Vendredi 3 Novembre 2017 11:02:18 > Objet: Re: [Samba] corrupted db after upgrading to 4.7 > > Hi Maxence, > > > Fyi, i've updated to 4.7.1, the dbcheck still not fix the broken > > links, is the fix you talk about planned for a future release ? > > > > Our customer reported me, some users have issues when their logon > > server is DC1 but not when it's DC2. > > > > On DC1 some users have access to all shares, some doesn't have any > > access at all. > > actually this last symptom was the one that got us to hack quickly a > solution for the issue with orphaned backlink attribute 'memberOf'. > You'll probably have to do some cleanup as I pointed out in my last > mail. > > The bugzilla entry [1] you mentioned and corresponding patch prevents > the problem from happening, but I don't think it fixes it. > > Cheers, > > Denis > > [1] https://bugzilla.samba.org/show_bug.cgi?id=13095 > > > > > > > > > On 11/02/2017 04:38 PM, Andrew Bartlett wrote: > >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via samba > >> wrote: > >>> > >> No worries. > >> > >> Andrew Bartlett > >> > > >Can you post your named conf files. Rowland
Hello everyone. So i also tried to removemembers & ldbmodify/ldbedit to remove the duplicate link but unfortunately it's not working "objectclass_attrs: attribute 'memberOf' on entry 'CN=Gerard Vraux,OU=CPAS,OU=MUSERS,DC=contoso,DC=com" must not be modified directly, it is a linked attribute" So even if i want to fix everything manually, i can't. Do you have any solutions/scripts to fix the situation ? Have a good day. Thanks. ----- Mail original ----- De: "Denis Cardon" <dcardon at tranquil.it> À: "Maxence Sartiaux" <msartiaux at it-optics.com>, "Andrew Bartlett" <abartlet at samba.org> Cc: "samba" <samba at lists.samba.org> Envoyé: Vendredi 3 Novembre 2017 11:02:18 Objet: Re: [Samba] corrupted db after upgrading to 4.7 Hi Maxence,> Fyi, i've updated to 4.7.1, the dbcheck still not fix the broken links, > is the fix you talk about planned for a future release ? > > Our customer reported me, some users have issues when their logon server > is DC1 but not when it's DC2. > > On DC1 some users have access to all shares, some doesn't have any > access at all.actually this last symptom was the one that got us to hack quickly a solution for the issue with orphaned backlink attribute 'memberOf'. You'll probably have to do some cleanup as I pointed out in my last mail. The bugzilla entry [1] you mentioned and corresponding patch prevents the problem from happening, but I don't think it fixes it. Cheers, Denis [1] https://bugzilla.samba.org/show_bug.cgi?id=13095> > > > On 11/02/2017 04:38 PM, Andrew Bartlett wrote: >> On Thu, 2017-11-02 at 16:19 +0100, Maxence Sartiaux via samba wrote: >>> >> No worries. >> >> Andrew Bartlett >> >-- Denis Cardon Tranquil IT Systems Les Espaces Jules Verne, bâtiment A 12 avenue Jules Verne 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.57.55 http://www.tranquil-it-systems.fr