Dear all,
somehow, new PTR records are not visible. This is on 4.11.6 DC with
BIND9 ... Here is what happens:
root at dc1:~# cat /etc/samba/smb.conf
# Global parameters
[global]
bind interfaces only = Yes
interfaces = 127.0.0.1 XXX.YYY.103.1
netbios name = DC1
realm = SAMDOM.REST_OF_FQDN
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbindd, ntp_signd, kcc, dnsupdate
workgroup = SAMDOM
idmap_ldb:use rfc2307 = yes
winbind expand groups = 2
wins support = yes
template shell = /bin/bash
winbind enum users = yes
winbind enum groups = yes
ntlm auth = yes
allow dns updates = disabled
kdc:service ticket lifetime = 24
kdc:user ticket lifetime = 24
kdc:renewal lifetime = 168
[netlogon]
path = /var/lib/samba/sysvol/fqdn/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
root at dc1:~# host XXX.YYY.103.216
Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN)
root at dc1:~# samba-tool dns add dc1 103.YYY.XXX.in-addr.arpa 216 PTR \
afs3.rest_of_fqdn -k yes
Record added successfully
root at dc1:~# host XXX.YYY.103.216
Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN)
root at dc1:~# samba-tool dns delete dc1 103.YYY.XXX.in-addr.arpa 216 PTR \
afs3.rest_of_fqdn -k yes
Record deleted successfully
What is happening here?
We also use a script to set DNS records from ISC DHCP using calls to
samba-tool. Until recently, we also used that to create reverse records.
However, with the change from 4.10 to 4.11, it started to create some
records in the wrong reverse zones, so I have disabled the part of the
script that creates reverse records...
Could this be related to this thread here?
https://www.spinics.net/lists/samba/msg162253.html
Thanks for any insights,
Christian
This is the BUG from that thread. We also see the same thing. https://bugzilla.samba.org/show_bug.cgi?id=14268 Regards Am 26.02.20 um 13:30 schrieb Christian via samba:> Dear all, > > somehow, new PTR records are not visible. This is on 4.11.6 DC with > BIND9 ... Here is what happens: > > root at dc1:~# cat /etc/samba/smb.conf > # Global parameters > [global] > bind interfaces only = Yes > interfaces = 127.0.0.1 XXX.YYY.103.1 > netbios name = DC1 > realm = SAMDOM.REST_OF_FQDN > server role = active directory domain controller > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > drepl, winbindd, ntp_signd, kcc, dnsupdate > workgroup = SAMDOM > idmap_ldb:use rfc2307 = yes > winbind expand groups = 2 > wins support = yes > template shell = /bin/bash > winbind enum users = yes > winbind enum groups = yes > ntlm auth = yes > allow dns updates = disabled > kdc:service ticket lifetime = 24 > kdc:user ticket lifetime = 24 > kdc:renewal lifetime = 168 > > [netlogon] > path = /var/lib/samba/sysvol/fqdn/scripts > read only = No > > [sysvol] > path = /var/lib/samba/sysvol > read only = No > root at dc1:~# host XXX.YYY.103.216 > Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > root at dc1:~# samba-tool dns add dc1 103.YYY.XXX.in-addr.arpa 216 PTR \ > afs3.rest_of_fqdn -k yes > Record added successfully > root at dc1:~# host XXX.YYY.103.216 > Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > root at dc1:~# samba-tool dns delete dc1 103.YYY.XXX.in-addr.arpa 216 PTR \ > afs3.rest_of_fqdn -k yes > Record deleted successfully > > What is happening here? > > We also use a script to set DNS records from ISC DHCP using calls to > samba-tool. Until recently, we also used that to create reverse records. > However, with the change from 4.10 to 4.11, it started to create some > records in the wrong reverse zones, so I have disabled the part of the > script that creates reverse records... > > Could this be related to this thread here? > > https://www.spinics.net/lists/samba/msg162253.html > > Thanks for any insights, > > Christian >-- Dr. Christian Naumer Unit Head Bioprocess Development B.R.A.I.N Aktiengesellschaft Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail cn at brain-biotech.com, homepage www.brain-biotech.com fon +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Adriaan Moelker (Vorstandsvorsitzender), Manfred Bender, Ludger Roedder Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
Must be something with/or in combination with Centos and/or sernet packages. I just tested : samba-tool dns add dc1.internal.dom.tld 2.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld samba-tool dns add dc1.internal.dom.tld 0.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld samba-tool dns add dc1.internal.dom.tld 1.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld All checks are fine here. Debian 10, my own packages. Samba 4.11.6 + BIND9_DLZ is used . Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Christian Naumer via samba > Verzonden: woensdag 26 februari 2020 13:47 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] New PTR records not visible > > This is the BUG from that thread. We also see the same thing. > > > https://bugzilla.samba.org/show_bug.cgi?id=14268 > > Regards > > > Am 26.02.20 um 13:30 schrieb Christian via samba: > > Dear all, > > > > somehow, new PTR records are not visible. This is on 4.11.6 DC with > > BIND9 ... Here is what happens: > > > > root at dc1:~# cat /etc/samba/smb.conf > > # Global parameters > > [global] > > bind interfaces only = Yes > > interfaces = 127.0.0.1 XXX.YYY.103.1 > > netbios name = DC1 > > realm = SAMDOM.REST_OF_FQDN > > server role = active directory domain controller > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > > drepl, winbindd, ntp_signd, kcc, dnsupdate > > workgroup = SAMDOM > > idmap_ldb:use rfc2307 = yes > > winbind expand groups = 2 > > wins support = yes > > template shell = /bin/bash > > winbind enum users = yes > > winbind enum groups = yes > > ntlm auth = yes > > allow dns updates = disabled > > kdc:service ticket lifetime = 24 > > kdc:user ticket lifetime = 24 > > kdc:renewal lifetime = 168 > > > > [netlogon] > > path = /var/lib/samba/sysvol/fqdn/scripts > > read only = No > > > > [sysvol] > > path = /var/lib/samba/sysvol > > read only = No > > root at dc1:~# host XXX.YYY.103.216 > > Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > > root at dc1:~# samba-tool dns add dc1 103.YYY.XXX.in-addr.arpa > 216 PTR \ > > afs3.rest_of_fqdn -k yes > > Record added successfully > > root at dc1:~# host XXX.YYY.103.216 > > Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > > root at dc1:~# samba-tool dns delete dc1 > 103.YYY.XXX.in-addr.arpa 216 PTR \ > > afs3.rest_of_fqdn -k yes > > Record deleted successfully > > > > What is happening here? > > > > We also use a script to set DNS records from ISC DHCP using calls to > > samba-tool. Until recently, we also used that to create > reverse records. > > However, with the change from 4.10 to 4.11, it started to > create some > > records in the wrong reverse zones, so I have disabled the > part of the > > script that creates reverse records... > > > > Could this be related to this thread here? > > > > https://www.spinics.net/lists/samba/msg162253.html > > > > Thanks for any insights, > > > > Christian > > > > -- > Dr. Christian Naumer > Unit Head Bioprocess Development > B.R.A.I.N Aktiengesellschaft > Darmstaedter Str. 34-36, D-64673 Zwingenberg > e-mail cn at brain-biotech.com, homepage www.brain-biotech.com > fon +49-6251-9331-30 / fax +49-6251-9331-11 > > Sitz der Gesellschaft: Zwingenberg/Bergstrasse > Registergericht AG Darmstadt, HRB 24758 > Vorstand: Adriaan Moelker (Vorstandsvorsitzender), > Manfred Bender, Ludger Roedder > Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Hi Louis, the original reporter used compiled samba: https://www.spinics.net/lists/samba/msg162275.html Regards Am 26.02.20 um 15:06 schrieb L.P.H. van Belle via samba:> Must be something with/or in combination with Centos and/or sernet packages. > > I just tested : > samba-tool dns add dc1.internal.dom.tld 2.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > samba-tool dns add dc1.internal.dom.tld 0.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > samba-tool dns add dc1.internal.dom.tld 1.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > > All checks are fine here. > > Debian 10, my own packages. > Samba 4.11.6 + BIND9_DLZ is used . > > > Greetz, > > Louis > > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Christian Naumer via samba >> Verzonden: woensdag 26 februari 2020 13:47 >> Aan: samba at lists.samba.org >> Onderwerp: Re: [Samba] New PTR records not visible >> >> This is the BUG from that thread. We also see the same thing. >> >> >> https://bugzilla.samba.org/show_bug.cgi?id=14268 >> >> Regards >> >> >> Am 26.02.20 um 13:30 schrieb Christian via samba: >>> Dear all, >>> >>> somehow, new PTR records are not visible. This is on 4.11.6 DC with >>> BIND9 ... Here is what happens: >>> >>> root at dc1:~# cat /etc/samba/smb.conf >>> # Global parameters >>> [global] >>> bind interfaces only = Yes >>> interfaces = 127.0.0.1 XXX.YYY.103.1 >>> netbios name = DC1 >>> realm = SAMDOM.REST_OF_FQDN >>> server role = active directory domain controller >>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, >>> drepl, winbindd, ntp_signd, kcc, dnsupdate >>> workgroup = SAMDOM >>> idmap_ldb:use rfc2307 = yes >>> winbind expand groups = 2 >>> wins support = yes >>> template shell = /bin/bash >>> winbind enum users = yes >>> winbind enum groups = yes >>> ntlm auth = yes >>> allow dns updates = disabled >>> kdc:service ticket lifetime = 24 >>> kdc:user ticket lifetime = 24 >>> kdc:renewal lifetime = 168 >>> >>> [netlogon] >>> path = /var/lib/samba/sysvol/fqdn/scripts >>> read only = No >>> >>> [sysvol] >>> path = /var/lib/samba/sysvol >>> read only = No >>> root at dc1:~# host XXX.YYY.103.216 >>> Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) >>> root at dc1:~# samba-tool dns add dc1 103.YYY.XXX.in-addr.arpa >> 216 PTR \ >>> afs3.rest_of_fqdn -k yes >>> Record added successfully >>> root at dc1:~# host XXX.YYY.103.216 >>> Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) >>> root at dc1:~# samba-tool dns delete dc1 >> 103.YYY.XXX.in-addr.arpa 216 PTR \ >>> afs3.rest_of_fqdn -k yes >>> Record deleted successfully >>> >>> What is happening here? >>> >>> We also use a script to set DNS records from ISC DHCP using calls to >>> samba-tool. Until recently, we also used that to create >> reverse records. >>> However, with the change from 4.10 to 4.11, it started to >> create some >>> records in the wrong reverse zones, so I have disabled the >> part of the >>> script that creates reverse records... >>> >>> Could this be related to this thread here? >>> >>> https://www.spinics.net/lists/samba/msg162253.html >>> >>> Thanks for any insights, >>> >>> Christian >>> >> >> -- >> Dr. Christian Naumer >> Unit Head Bioprocess Development >> B.R.A.I.N Aktiengesellschaft >> Darmstaedter Str. 34-36, D-64673 Zwingenberg >> e-mail cn at brain-biotech.com, homepage www.brain-biotech.com >> fon +49-6251-9331-30 / fax +49-6251-9331-11 >> >> Sitz der Gesellschaft: Zwingenberg/Bergstrasse >> Registergericht AG Darmstadt, HRB 24758 >> Vorstand: Adriaan Moelker (Vorstandsvorsitzender), >> Manfred Bender, Ludger Roedder >> Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> > >-- Dr. Christian Naumer Unit Head Bioprocess Development B.R.A.I.N Aktiengesellschaft Darmstaedter Str. 34-36, D-64673 Zwingenberg e-mail cn at brain-biotech.com, homepage www.brain-biotech.com fon +49-6251-9331-30 / fax +49-6251-9331-11 Sitz der Gesellschaft: Zwingenberg/Bergstrasse Registergericht AG Darmstadt, HRB 24758 Vorstand: Adriaan Moelker (Vorstandsvorsitzender), Manfred Bender, Ludger Roedder Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen
So strange.. I copied your commando's only change the arpa and servername / domainnames All worked. So far nobody told how there ad-dc and DNS is setup.. Which i why i added :> > Debian 10, my own packages. > > Samba 4.11.6 + BIND9_DLZ is used .Now are you using samba DNS or BIND_DLZ dns ? That might help here. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Christian Naumer via samba > Verzonden: woensdag 26 februari 2020 15:21 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] New PTR records not visible > > Hi Louis, > the original reporter used compiled samba: > > https://www.spinics.net/lists/samba/msg162275.html > > Regards > > > Am 26.02.20 um 15:06 schrieb L.P.H. van Belle via samba: > > Must be something with/or in combination with Centos and/or > sernet packages. > > > > I just tested : > > samba-tool dns add dc1.internal.dom.tld > 2.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > > samba-tool dns add dc1.internal.dom.tld > 0.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > > samba-tool dns add dc1.internal.dom.tld > 1.249.10.in-addr.arpa 157 PTR host.extrazone.dom.tld > > > > All checks are fine here. > > > > Debian 10, my own packages. > > Samba 4.11.6 + BIND9_DLZ is used . > > > > > > Greetz, > > > > Louis > > > > > >> -----Oorspronkelijk bericht----- > >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens > >> Christian Naumer via samba > >> Verzonden: woensdag 26 februari 2020 13:47 > >> Aan: samba at lists.samba.org > >> Onderwerp: Re: [Samba] New PTR records not visible > >> > >> This is the BUG from that thread. We also see the same thing. > >> > >> > >> https://bugzilla.samba.org/show_bug.cgi?id=14268 > >> > >> Regards > >> > >> > >> Am 26.02.20 um 13:30 schrieb Christian via samba: > >>> Dear all, > >>> > >>> somehow, new PTR records are not visible. This is on > 4.11.6 DC with > >>> BIND9 ... Here is what happens: > >>> > >>> root at dc1:~# cat /etc/samba/smb.conf > >>> # Global parameters > >>> [global] > >>> bind interfaces only = Yes > >>> interfaces = 127.0.0.1 XXX.YYY.103.1 > >>> netbios name = DC1 > >>> realm = SAMDOM.REST_OF_FQDN > >>> server role = active directory domain controller > >>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, > >>> drepl, winbindd, ntp_signd, kcc, dnsupdate > >>> workgroup = SAMDOM > >>> idmap_ldb:use rfc2307 = yes > >>> winbind expand groups = 2 > >>> wins support = yes > >>> template shell = /bin/bash > >>> winbind enum users = yes > >>> winbind enum groups = yes > >>> ntlm auth = yes > >>> allow dns updates = disabled > >>> kdc:service ticket lifetime = 24 > >>> kdc:user ticket lifetime = 24 > >>> kdc:renewal lifetime = 168 > >>> > >>> [netlogon] > >>> path = /var/lib/samba/sysvol/fqdn/scripts > >>> read only = No > >>> > >>> [sysvol] > >>> path = /var/lib/samba/sysvol > >>> read only = No > >>> root at dc1:~# host XXX.YYY.103.216 > >>> Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > >>> root at dc1:~# samba-tool dns add dc1 103.YYY.XXX.in-addr.arpa > >> 216 PTR \ > >>> afs3.rest_of_fqdn -k yes > >>> Record added successfully > >>> root at dc1:~# host XXX.YYY.103.216 > >>> Host 216.103.YYY.XXX.in-addr.arpa. not found: 3(NXDOMAIN) > >>> root at dc1:~# samba-tool dns delete dc1 > >> 103.YYY.XXX.in-addr.arpa 216 PTR \ > >>> afs3.rest_of_fqdn -k yes > >>> Record deleted successfully > >>> > >>> What is happening here? > >>> > >>> We also use a script to set DNS records from ISC DHCP > using calls to > >>> samba-tool. Until recently, we also used that to create > >> reverse records. > >>> However, with the change from 4.10 to 4.11, it started to > >> create some > >>> records in the wrong reverse zones, so I have disabled the > >> part of the > >>> script that creates reverse records... > >>> > >>> Could this be related to this thread here? > >>> > >>> https://www.spinics.net/lists/samba/msg162253.html > >>> > >>> Thanks for any insights, > >>> > >>> Christian > >>> > >> > >> -- > >> Dr. Christian Naumer > >> Unit Head Bioprocess Development > >> B.R.A.I.N Aktiengesellschaft > >> Darmstaedter Str. 34-36, D-64673 Zwingenberg > >> e-mail cn at brain-biotech.com, homepage www.brain-biotech.com > >> fon +49-6251-9331-30 / fax +49-6251-9331-11 > >> > >> Sitz der Gesellschaft: Zwingenberg/Bergstrasse > >> Registergericht AG Darmstadt, HRB 24758 > >> Vorstand: Adriaan Moelker (Vorstandsvorsitzender), > >> Manfred Bender, Ludger Roedder > >> Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > >> > > > > > > -- > Dr. Christian Naumer > Unit Head Bioprocess Development > B.R.A.I.N Aktiengesellschaft > Darmstaedter Str. 34-36, D-64673 Zwingenberg > e-mail cn at brain-biotech.com, homepage www.brain-biotech.com > fon +49-6251-9331-30 / fax +49-6251-9331-11 > > Sitz der Gesellschaft: Zwingenberg/Bergstrasse > Registergericht AG Darmstadt, HRB 24758 > Vorstand: Adriaan Moelker (Vorstandsvorsitzender), > Manfred Bender, Ludger Roedder > Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >