ralph strebbing
2021-Jan-28 14:10 UTC
[Samba] Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog
Thanks for the advice Rowland, we're now running Samba 4.13.3, and I've updated the script with the one you've provided. The problem I'm running into now is when a client gets a DHCP lease, it adds it to DNS, and then we create a static mapping after the fact for a different IP (this is common here, especially while testing some server VMs that eventually go into production on a different, more permanent subnet); the script runs to release the existing record in DNS, but fails because it can't find the record (see log snippet below).

Similarly, when the add function is run afterwards to add the new entry, we're left with 2 separate records in DNS for the same hostname with different IP addresses.
http://haste.thegamingcorner.net/rucuvanuxe.sql

Record Add Log:
http://haste.thegamingcorner.net/qulivuwome.sql

It's also worth noting that no matter what so far, when the script adds new records, it does seem to add them correctly, but the reverse DNS portions of the script aren't running, or something weird is happening on the backend because there is no result code for those that are being returned (hence the Update Failed: 0:0::) message. Got any suggestion for what I may be missing on my end for that one?

Thanks Again!
Ralph

On Thu, Jan 28, 2021 at 6:30 AM Rowland penny <rpenny at samba.org> wrote:

> On 28/01/2021 09:59, Rowland penny via samba wrote:
> > On 27/01/2021 20:43, ralph strebbing via samba wrote:
> >> So I'm upgrading our current NT4 domain to Samba AD with Bind9 DNS. Our
> >> current DHCP/DNS setup is on one server, separate from the Domain server.
> >> With Samba AD, we'll be using Samba's tools to manage the DNS, thus
> >> allowing use of things like the Windows Server Admin Tool suite (DNS, AD
> >> Users & Groups, etc.). So Bind9, isc-dhcp-server, and Samba is all going
> >> to be on the same machine for the new setup.
> >>
> > OK, you have identified a problem with the script ?
> >
> > However, this error has nothing to do with the script:
> >
> > ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> >
> > This is being caused by a bug in the 'samba-tool dns' code and was
> > fixed in early 2020, so you need to upgrade Samba to 4.13.x
> >
> > I will have a look at the dhcp update script and get back to you.
> >
> > You also shouldn't need the 'rndc.key'
> >
> > Rowland
> >
> OK Ralph, can you try the attached new version of the script ?
>
> Rowland
Rowland penny
2021-Jan-28 14:30 UTC
[Samba] Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog
On 28/01/2021 14:10, ralph strebbing via samba wrote:

> Thanks for the advice Rowland, we're now running Samba 4.13.3, and I've
> updated the script with the one you've provided. The problem I'm running
> into now is when a client gets a DHCP lease, it adds it to DNS, and then we
> create a static mapping after the fact for a different IP (this is common
> here, especially while testing some server VMs that eventually go into
> production on a different, more permanent subnet); the script runs to
> release the existing record in DNS, but fails because it can't find the
> record (see log snippet below).
>
> Similarly, when the add function is run afterwards to add the new entry,
> we're left with 2 separate records in DNS for the same hostname with
> different IP addresses.
> http://haste.thegamingcorner.net/rucuvanuxe.sql
>
> Record Add Log:
> http://haste.thegamingcorner.net/qulivuwome.sql
>
> It's also worth noting that no matter what so far, when the script adds new
> records, it does seem to add them correctly, but the reverse DNS portions
> of the script aren't running, or something weird is happening on the
> backend because there is no result code for those that are being returned
> (hence the Update Failed: 0:0::) message. Got any suggestion for what I may
> be missing on my end for that one?
>
> Thanks Again!
> Ralph
>
> On Thu, Jan 28, 2021 at 6:30 AM Rowland penny <rpenny at samba.org> wrote:
>
>> On 28/01/2021 09:59, Rowland penny via samba wrote:
>>> On 27/01/2021 20:43, ralph strebbing via samba wrote:
>>>> So I'm upgrading our current NT4 domain to Samba AD with Bind9 DNS. Our
>>>> current DHCP/DNS setup is on one server, separate from the Domain server.
>>>> With Samba AD, we'll be using Samba's tools to manage the DNS, thus
>>>> allowing use of things like the Windows Server Admin Tool suite (DNS, AD
>>>> Users & Groups, etc.). So Bind9, isc-dhcp-server, and Samba is all going
>>>> to be on the same machine for the new setup.
>>>>
>>> OK, you have identified a problem with the script ?
>>>
>>> However, this error has nothing to do with the script:
>>>
>>> ERROR(runtime): uncaught exception - (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
>>>
>>> This is being caused by a bug in the 'samba-tool dns' code and was
>>> fixed in early 2020, so you need to upgrade Samba to 4.13.x
>>>
>>> I will have a look at the dhcp update script and get back to you.
>>>
>>> You also shouldn't need the 'rndc.key'
>>>
>>> Rowland
>>
>> OK Ralph, can you try the attached new version of the script ?
>>
>> Rowland

I have been using the script in its basic form for about 8 years now and it has never really failed for me, but then I don't allow dhcp to create a dns record in AD (the default reason for the script) and then manually change the computer's IP address.

Of course you are getting two IPs for each hostname, the script creates one and then you come along and add another one. If you are going to give your computers a fixed IP, do not use dhcp or rewrite my script to do what you require.

You appear to be using the script to do something it was never designed to, I will not alter it to do what you want, it would have little use outside of yours and I would have no way of testing it.

Rowland