thr3ads.net - samba - [Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS [Apr 2020]

If this information is useful, please help other people find it:
Share via:

Andrew Bartlett

2020-Apr-29 20:03 UTC

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

G'Day Olaf,

If this was working before, then it would be this bug:

https://bugzilla.samba.org/show_bug.cgi?id=14310

I'm a bit swamped right now, per Microsoft the correct fix is for our
DNS Management server to ignore these values.

Can you see if your error looks like this in the server logs?

Andrew Bartlett

On Wed, 2020-04-29 at 18:53 +0200, Olaf Dreyer via samba
wrote:> Well, sometimes I  feel really old.....
> 
> The last dynamic changes in DNS where made earlier this month,
> probably 
> before I upgraded from 4.11.5 to newer version. With samba 4.11.5
> DNS 
> administration using samba-tool was working fine.
> 
> Do you think this old setup is the reason for the problems?Any way
> to 
> fix it?
> 
> Best regards,
> Olaf
> 
> Am 29.04.2020 um 18:35 schrieb Rowland penny via samba:
> 
> > On 29/04/2020 17:29, Olaf Dreyer wrote:
> > > Hi Rowland,
> > > 
> > > this is a good question. Does this listing help or answer?
> > > 
> > > root at OMTNDC3:/usr/local/samba/private/sam.ldb.d# ls -al
> > > total 93220 Node,CN=Schema,CN=Configuration,DC=omtn,DC=de
> > > drwxr-x--- 2 root bind      4096 Apr 28 16:03 .
> > > drwx------ 7 root root      4096 Apr 29 11:25 ..
> > > -rw------- 1 root staff 30384128 Apr 29 12:46 
> > > 'CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
> > > -rw------- 1 root staff 33878016 Apr 29 12:46 
> > > 'CN=SCHEMA,CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
> > > -rw-rw---- 1 root bind   4247552 Apr 29 12:46 
> > > 'DC=DOMAINDNSZONES,DC=OMTN,DC=DE.ldb'
> > > -rw-rw---- 1 root bind   6885376 Apr 29 12:46 
> > > 'DC=FORESTDNSZONES,DC=OMTN,DC=DE.ldb'
> > > -rw------- 1 root staff 19218432 Apr 29 12:46
'DC=OMTN,DC=DE.ldb'
> > > -rw-rw---- 1 root bind    831488 Apr 29 11:07 metadata.tdb
> > > 
> > > Some output from ldb
> > > /usr/local/samba/bin/ldbsearch --cross-ncs --show-binary -H 
> > > /usr/local/samba/private/sam.ldb -b dc=omtn,dc=de -s sub 
> > > '(&(objectclass=dnsNode)(name=*))' > ~/addns
> > > 
> > > oot at OMTNDC8:~# grep dn: ~/addns | grep DNS | grep
"_ms"
> > > dn: 
> > > DC=_kerberos._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestD
> > > nsZones,DC=omtn,DC=de
> > > dn: 
> > > DC=_ldap._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZo
> > > nes,DC=omtn,DC=de
> > > dn: 
> > > DC=_ldap._tcp.b66950c4-e9b8-4bc9-b625-
> > > 5b7d8a36f903.domains._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestD
> > > nsZones,DC=omtn,DC=de
> > > dn: 
> > >
DC=_ldap._tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN> > >
MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
> > > dn: 
> > > DC=7abd666f-d3bc-4e8f-9ff3-
> > > cf3abd802ee5._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
> > > DC=omtn,DC=de
> > > dn: 
> > > DC=_ldap._tcp.gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZo
> > > nes,DC=omtn,DC=de
> > > dn: 
> > > DC=_tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN=Micros
> > > oftDNS,DC=ForestDnsZones,DC=omtn,DC=de
> > > dn: 
> > > DC=gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn
> > > ,DC=de
> > > dn:
> > > DC=_msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC
> > > =de
> > > dn: 
> > > DC=_kerberos._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de
> > > ,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
> > > dn: 
> > > DC=_ldap._tcp.pdc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZ
> > > ones,DC=omtn,DC=de
> > > dn: 
> > > DC=8e100b0b-c414-4fef-9137-
> > > a16749633c5d._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
> > > DC=omtn,DC=de
> > > dn: 
> > > DC=2d035437-cec0-4a24-bdd0-
> > > 0b599915e3b6._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
> > > DC=omtn,DC=de
> > > dn: 
> > >
DC=_ldap._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de,CN> > >
MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
> > 
> > 
> > You have the 2000K dns, there appears to be nothing in ' 
> > CN=MicrosoftDNS,DC=DomainDnsZones,DC=omtn,DC=de'
> > 
> > Rowland
> > 
> > 
> 
> -- 
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          
https://catalyst.net.nz/services/samba

Olaf Dreyer

2020-Apr-30 10:44 UTC

head link

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

Hi,

I restored the last backup with the 4.11.6 setup. This is working fine 
and i can confirm that my AD is set up with a single forwarding zone, 
there is no _msdsc zone. On this 4.11.6 setup also the Windows DNS Tool 
does not complain. When upgrading to 4.12.2 DNS administration fails 
again with WERR_DNS_ERROR_DS_UNAVAILABLE.

I will try the steps described in the MS document? and come back with 
the results.

Best regards,
Olaf


Am 29.04.2020 um 22:03 schrieb Andrew Bartlett via
samba:> G'Day Olaf,
>
> If this was working before, then it would be this bug:
>
> https://bugzilla.samba.org/show_bug.cgi?id=14310
>
> I'm a bit swamped right now, per Microsoft the correct fix is for our
> DNS Management server to ignore these values.
>
> Can you see if your error looks like this in the server logs?
>
> Andrew Bartlett
>
> On Wed, 2020-04-29 at 18:53 +0200, Olaf Dreyer via samba wrote:
>> Well, sometimes I  feel really old.....
>>
>> The last dynamic changes in DNS where made earlier this month,
>> probably
>> before I upgraded from 4.11.5 to newer version. With samba 4.11.5
>> DNS
>> administration using samba-tool was working fine.
>>
>> Do you think this old setup is the reason for the problems?Any way
>> to
>> fix it?
>>
>> Best regards,
>> Olaf
>>
>> Am 29.04.2020 um 18:35 schrieb Rowland penny via samba:
>>
>>> On 29/04/2020 17:29, Olaf Dreyer wrote:
>>>> Hi Rowland,
>>>>
>>>> this is a good question. Does this listing help or answer?
>>>>
>>>> root at OMTNDC3:/usr/local/samba/private/sam.ldb.d# ls -al
>>>> total 93220 Node,CN=Schema,CN=Configuration,DC=omtn,DC=de
>>>> drwxr-x--- 2 root bind      4096 Apr 28 16:03 .
>>>> drwx------ 7 root root      4096 Apr 29 11:25 ..
>>>> -rw------- 1 root staff 30384128 Apr 29 12:46
>>>> 'CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
>>>> -rw------- 1 root staff 33878016 Apr 29 12:46
>>>> 'CN=SCHEMA,CN=CONFIGURATION,DC=OMTN,DC=DE.ldb'
>>>> -rw-rw---- 1 root bind   4247552 Apr 29 12:46
>>>> 'DC=DOMAINDNSZONES,DC=OMTN,DC=DE.ldb'
>>>> -rw-rw---- 1 root bind   6885376 Apr 29 12:46
>>>> 'DC=FORESTDNSZONES,DC=OMTN,DC=DE.ldb'
>>>> -rw------- 1 root staff 19218432 Apr 29 12:46
'DC=OMTN,DC=DE.ldb'
>>>> -rw-rw---- 1 root bind    831488 Apr 29 11:07 metadata.tdb
>>>>
>>>> Some output from ldb
>>>> /usr/local/samba/bin/ldbsearch --cross-ncs --show-binary -H
>>>> /usr/local/samba/private/sam.ldb -b dc=omtn,dc=de -s sub
>>>> '(&(objectclass=dnsNode)(name=*))' > ~/addns
>>>>
>>>> oot at OMTNDC8:~# grep dn: ~/addns | grep DNS | grep
"_ms"
>>>> dn:
>>>>
DC=_kerberos._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestD
>>>> nsZones,DC=omtn,DC=de
>>>> dn:
>>>>
DC=_ldap._tcp.dc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZo
>>>> nes,DC=omtn,DC=de
>>>> dn:
>>>> DC=_ldap._tcp.b66950c4-e9b8-4bc9-b625-
>>>>
5b7d8a36f903.domains._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestD
>>>> nsZones,DC=omtn,DC=de
>>>> dn:
>>>>
DC=_ldap._tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN>>>>
MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
>>>> dn:
>>>> DC=7abd666f-d3bc-4e8f-9ff3-
>>>>
cf3abd802ee5._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
>>>> DC=omtn,DC=de
>>>> dn:
>>>>
DC=_ldap._tcp.gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZo
>>>> nes,DC=omtn,DC=de
>>>> dn:
>>>>
DC=_tcp.CorporateDataCenter._sites.gc._msdcs,DC=omtn.de,CN=Micros
>>>> oftDNS,DC=ForestDnsZones,DC=omtn,DC=de
>>>> dn:
>>>>
DC=gc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn
>>>> ,DC=de
>>>> dn:
>>>>
DC=_msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC
>>>> =de
>>>> dn:
>>>>
DC=_kerberos._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de
>>>> ,CN=MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
>>>> dn:
>>>>
DC=_ldap._tcp.pdc._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZ
>>>> ones,DC=omtn,DC=de
>>>> dn:
>>>> DC=8e100b0b-c414-4fef-9137-
>>>>
a16749633c5d._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
>>>> DC=omtn,DC=de
>>>> dn:
>>>> DC=2d035437-cec0-4a24-bdd0-
>>>>
0b599915e3b6._msdcs,DC=omtn.de,CN=MicrosoftDNS,DC=ForestDnsZones,
>>>> DC=omtn,DC=de
>>>> dn:
>>>>
DC=_ldap._tcp.CorporateDataCenter._sites.dc._msdcs,DC=omtn.de,CN>>>>
MicrosoftDNS,DC=ForestDnsZones,DC=omtn,DC=de
>>>
>>> You have the 2000K dns, there appears to be nothing in '
>>> CN=MicrosoftDNS,DC=DomainDnsZones,DC=omtn,DC=de'
>>>
>>> Rowland
>>>
>>>
>>

Rowland penny

2020-Apr-30 10:57 UTC

head link

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

On 30/04/2020 11:44, Olaf Dreyer wrote:> Hi,
>
> I restored the last backup with the 4.11.6 setup. This is working fine 
> and i can confirm that my AD is set up with a single forwarding zone, 
> there is no _msdsc zone. On this 4.11.6 setup also the Windows DNS 
> Tool does not complain. When upgrading to 4.12.2 DNS administration 
> fails again with WERR_DNS_ERROR_DS_UNAVAILABLE.
>
> I will try the steps described in the MS document? and come back with 
> the results.
I think both Andrew and myself are both right, Your problem with 4.12.x 
is undoubtedly due to the bug Andrew pointed to, but you also do not 
have a _msdcs zone and if you ever want to add another DC, experience 
from earlier posts to this list has shown that this will not work.

Rowland

Apparently Analagous Threads

Search for more maybe matching threads

samba - Apr 2020 - samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

[Samba] samba 4.12.2: WERR_DNS_ERROR_DS_UNAVAILABLE, unable to manage samba DNS

Apparently Analagous Threads