Stefan G. Weichinger
2019-Jul-31 17:19 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
Progress: no more "dc" in rgrep on both servers PTR for the rejoined pre01svdeb02 is missing, so I assumed we need a dnsupdate: root at pre01svdeb02:~# samba_dnsupdate --verbose IPs: ['192.168.16.205'] need cache add: A pre01svdeb02.pilsbacher.at 192.168.16.205 Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as pre01svdeb02.pilsbacher.at. need cache add: NS pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry NS pilsbacher.at pre01svdeb02.pilsbacher.at as pilsbacher.at. need cache add: NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as _msdcs.pilsbacher.at. need cache add: A pilsbacher.at 192.168.16.205 Looking for DNS entry A pilsbacher.at 192.168.16.205 as pilsbacher.at. need cache add: SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._udp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._tcp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 need cache add: SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._udp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 need cache add: CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at Looking for DNS entry CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at. need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 need cache add: A gc._msdcs.pilsbacher.at 192.168.16.205 Looking for DNS entry A gc._msdcs.pilsbacher.at 192.168.16.205 as gc._msdcs.pilsbacher.at. need cache add: SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _gc._tcp.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _ldap._tcp.gc._msdcs.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Lookup of _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 need cache add: A DomainDnsZones.pilsbacher.at 192.168.16.205 Looking for DNS entry A DomainDnsZones.pilsbacher.at 192.168.16.205 as DomainDnsZones.pilsbacher.at. Lookup of DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for A DomainDnsZones.pilsbacher.at 192.168.16.205 need update: A DomainDnsZones.pilsbacher.at 192.168.16.205 need cache add: SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: A ForestDnsZones.pilsbacher.at 192.168.16.205 Looking for DNS entry A ForestDnsZones.pilsbacher.at 192.168.16.205 as ForestDnsZones.pilsbacher.at. Lookup of ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for A ForestDnsZones.pilsbacher.at 192.168.16.205 need update: A ForestDnsZones.pilsbacher.at 192.168.16.205 need cache add: SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need cache add: SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Lookup of _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. succeeded, but we failed to find a matching DNS entry for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 need update: SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 10 DNS updates and 0 DNS deletes needed Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ update(nsupdate): SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.gc._msdcs.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. 900 IN SRV 0 100 3268 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): A DomainDnsZones.pilsbacher.at 192.168.16.205 Calling nsupdate for A DomainDnsZones.pilsbacher.at 192.168.16.205 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: DomainDnsZones.pilsbacher.at. 900 IN A 192.168.16.205 ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.DomainDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): A ForestDnsZones.pilsbacher.at 192.168.16.205 Calling nsupdate for A ForestDnsZones.pilsbacher.at 192.168.16.205 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: ForestDnsZones.pilsbacher.at. 900 IN A 192.168.16.205 ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.ForestDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 (add) Successfully obtained Kerberos ticket to DNS/pre01svdeb03.pilsbacher.at as PRE01SVDEB02$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. 900 IN SRV 0 100 389 pre01svdeb02.pilsbacher.at. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Rebuilding cache at /var/lib/samba/private/dns_update_cache Adding A pre01svdeb02.pilsbacher.at 192.168.16.205 to dns_update_cache Adding NS pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding A pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 to dns_update_cache Adding SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 to dns_update_cache Adding CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 to dns_update_cache Adding A gc._msdcs.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 to dns_update_cache Adding A DomainDnsZones.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding A ForestDnsZones.pilsbacher.at 192.168.16.205 to dns_update_cache Adding SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Adding SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 to dns_update_cache Failed update of 10 entries root at pre01svdeb02:~# samba_dnsupdate --verbose IPs: ['192.168.16.205'] Looking for DNS entry A pre01svdeb02.pilsbacher.at 192.168.16.205 as pre01svdeb02.pilsbacher.at. Looking for DNS entry NS pilsbacher.at pre01svdeb02.pilsbacher.at as pilsbacher.at. Looking for DNS entry NS _msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as _msdcs.pilsbacher.at. Looking for DNS entry A pilsbacher.at 192.168.16.205 as pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.317d1ccc-8df7-4ec6-9a6b-031a060da9b7.domains._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._udp.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._tcp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 as _kpasswd._udp.pilsbacher.at. Checking 0 100 464 pre01svdeb03.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Checking 0 100 464 pre01svdeb02.pilsbacher.at. against SRV _kpasswd._udp.pilsbacher.at pre01svdeb02.pilsbacher.at 464 Looking for DNS entry CNAME 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at as 87c2112d-fdbc-41e6-a333-b6032fa2067f._msdcs.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at. Checking 0 100 88 pre01svdeb03.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Checking 0 100 88 pre01svdeb02.pilsbacher.at. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 88 Looking for DNS entry A gc._msdcs.pilsbacher.at 192.168.16.205 as gc._msdcs.pilsbacher.at. Looking for DNS entry SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _gc._tcp.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _gc._tcp.Default-First-Site-Name._sites.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at. Checking 0 100 3268 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Checking 0 100 3268 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.pilsbacher.at pre01svdeb02.pilsbacher.at 3268 Looking for DNS entry A DomainDnsZones.pilsbacher.at 192.168.16.205 as DomainDnsZones.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry A ForestDnsZones.pilsbacher.at 192.168.16.205 as ForestDnsZones.pilsbacher.at. Looking for DNS entry SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 as _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at. Checking 0 100 389 pre01svdeb03.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 Checking 0 100 389 pre01svdeb02.pilsbacher.at. against SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.pilsbacher.at pre01svdeb02.pilsbacher.at 389 No DNS updates needed but so far no entries there showrepl looks good to me ... just wait for some magic to happen?
Stefan G. Weichinger
2019-Jul-31 17:56 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
Am 31.07.19 um 19:19 schrieb Stefan G. Weichinger via samba:> but so far no entries thereadded that PTR looks good to me now! GPOs are applied, all MMCs etc work without error I switched the direction of the sysvol-rsync ... DEB03 keeps FSMO-roles for now. I now test some GPOs that I actually need there. - Observation: still one server DNS-entry in CAPS and the other in low-case ...
Stefan G. Weichinger
2019-Jul-31 19:24 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
Am 31.07.19 um 19:56 schrieb Stefan G. Weichinger via samba:> Am 31.07.19 um 19:19 schrieb Stefan G. Weichinger via samba: > >> but so far no entries there > > added that PTR > looks good to me now! > > GPOs are applied, all MMCs etc work without error > > I switched the direction of the sysvol-rsync ... DEB03 keeps FSMO-roles > for now. > > I now test some GPOs that I actually need there.still fine behavior ... I assume and hope that this was the solution. A big and official THANK YOU to Louis and Rowland for the patience and help here!
L.P.H. van Belle
2019-Aug-01 07:13 UTC
[Samba] GPO issues - getting SYSVOL cleaned up again
Good morning Stefan. Your welkom. I see everything worked out now. Great !! Well done, you made it happen. :-) What i suggest now, at least these are the steps i always do to make sure the DC's are having a exact same setup. First, i clear all my logs and reboot one server. Wait 15-30 min, then go through all you logs, fix every warning/error. Make it perfect. Reboot again, repeat this untill its 100% correct booting. I suggest one more thing and that is, you check the following. Check if you zones have both the NS records. Startup the DNS tool. Goto you primary dnszone ( and repeat for all other zones ) Do you see all your DC's as NS record in the zone, then its ok, if not.. Klik and Properties on the zone. ( left panel ) Goto Tab "Nameservers", add the other. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Stefan G. Weichinger via samba > Verzonden: woensdag 31 juli 2019 21:25 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] GPO issues - getting SYSVOL cleaned up again > > Am 31.07.19 um 19:56 schrieb Stefan G. Weichinger via samba: > > Am 31.07.19 um 19:19 schrieb Stefan G. Weichinger via samba: > > > >> but so far no entries there > > > > added that PTR > > looks good to me now! > > > > GPOs are applied, all MMCs etc work without error > > > > I switched the direction of the sysvol-rsync ... DEB03 > keeps FSMO-roles > > for now. > > > > I now test some GPOs that I actually need there. > > still fine behavior ... > > I assume and hope that this was the solution. > > A big and official THANK YOU to Louis and Rowland for the patience and > help here! > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >