ralph strebbing
2021-Jan-29 19:12 UTC
[Samba] Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog
On Fri, Jan 29, 2021 at 1:52 PM Rowland penny via samba <samba at lists.samba.org> wrote:
>
> On 29/01/2021 18:06, ralph strebbing wrote:
> > These records specifically are generated by the script from DHCP.
> > Looking at what it's passing (in the previous log file), I think the
> > issue is stemming from the script grabbing and passing the MAC, but
> > not the hostname, which is what Samba-tool uses.
> >
> If you are adding a record, dhcp should be passing the hostname:
>
> Jan 11 15:08:50 dc4 dhcpd[2228]: Commit: IP: 192.168.0.73 DHCID: cc:4e:ec:1f:48:ef Name: HUMAX
> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[0] /usr/local/bin/dhcp-dyndns.sh
> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[1] = add
> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[2] = 192.168.0.73
> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[3] cc:4e:ec:1f:48:ef
> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[4] = HUMAX
>
> If it isn't, you need to find out why, the script depends on receiving
> the required data.
>
> If you are deleting a record, then the script just requires the IP, the
> hostname will be found by this:
>
> # Exit if no computer name supplied, unless the action is 'delete'
> if [ -z "${name}" ]; then
>     if [ "${action}" = "delete" ]; then
>         name=$(host -t PTR "${ip}" | awk '{print $NF}' | awk -F '.' '{print $1}')
>     else
>         usage
>         exit 1;
>     fi
> fi
>
> That piece of code should obtain the short hostname from the IP, unless
> the record does not exist or the wrong data is being returned by the
> 'host' command.
>

Clarifying: adding the record does contain the hostname, it adds it successfully.

> > I just tested it manually, and deleting a record in DNS took the following args:
> > samba-tool dns delete <server> <zone> <name> <Record Type> <record data>
> >
> > The example I used and succeeded on manually was: samba-tool dns
> > delete dc1 domain.com sys-rstrebbing A 10.60.2.35 (My laptop). It ran
> > fine.
> > If I understand the logs correctly from your script, this is what it's passing:
> > samba-tool dns delete dc1 domain.com 0 A 10.60.2.11 <---Example based
> > on args given in the log file.
> >
> No, my script isn't 'passing' 10.60.2.11 , it is what is being passed to
> it by dhcp
>
> > So would it even be possible to grab the hostname on an expiring
> > lease? Looking over the wiki again I noticed this comment on the code
> > in dhcpd.conf
> > In the on expiry block:
> > # cannot get a ClientMac here, apparently this only works when
> > actually receiving a packet
> > and
> > # cannot get a ClientName here, for some reason that always fails
> >
> This is an artefact of dhcp, the bash script can only use what is passed
> to it.
>
>
> > By chance has the second one changed? Because otherwise samba doesn't
> > seem to allow removing the record since the name of the record
> > (ClientName) almost seems like it's a critical piece of this. Or if
> > anyone else has come to another solution to get the information
> > another way while the script runs.
> >
> The different IP has something to do with your setup and is not
> something I have ever seen, I cannot fix this, you need to find out why
> the IP changed.
>

So that was on me. It's the correct IP, I just went into the log and
pulled another instance on my last reply, apologies for the confusion.
However you've just given me an idea as to what's happening to cause
the failure on delete.
Remember how I mentioned that even though the record was being added
in DNS, the script said it failed?

It's adding the forward A record, but it's failing to create the PTR
record, hence why when it does the PTR lookup on the delete function
it just has a 0 in the argument.

So the issue is stemming from it not adding the PTR record on add. The
thing is, aside from the message stating it failed, there is no other
indication or other logging to determine what went wrong exactly while
trying to execute that command.

Ralph
Rowland penny
2021-Jan-29 19:22 UTC
[Samba] Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog
On 29/01/2021 19:12, ralph strebbing wrote:
> On Fri, Jan 29, 2021 at 1:52 PM Rowland penny via samba <samba at lists.samba.org> wrote:
>> On 29/01/2021 18:06, ralph strebbing wrote:
>>> These records specifically are generated by the script from DHCP.
>>> Looking at what it's passing (in the previous log file), I think the
>>> issue is stemming from the script grabbing and passing the MAC, but
>>> not the hostname, which is what Samba-tool uses.
>>
>> If you are adding a record, dhcp should be passing the hostname:
>>
>> Jan 11 15:08:50 dc4 dhcpd[2228]: Commit: IP: 192.168.0.73 DHCID: cc:4e:ec:1f:48:ef Name: HUMAX
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[0] /usr/local/bin/dhcp-dyndns.sh
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[1] = add
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[2] = 192.168.0.73
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[3] cc:4e:ec:1f:48:ef
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[4] = HUMAX
>>
>> If it isn't, you need to find out why, the script depends on receiving
>> the required data.
>>
>> If you are deleting a record, then the script just requires the IP, the
>> hostname will be found by this:
>>
>> # Exit if no computer name supplied, unless the action is 'delete'
>> if [ -z "${name}" ]; then
>>     if [ "${action}" = "delete" ]; then
>>         name=$(host -t PTR "${ip}" | awk '{print $NF}' | awk -F '.' '{print $1}')
>>     else
>>         usage
>>         exit 1;
>>     fi
>> fi
>>
>> That piece of code should obtain the short hostname from the IP, unless
>> the record does not exist or the wrong data is being returned by the
>> 'host' command.
>>
> Clarifying: adding the record does contain the hostname, it adds it
> successfully.
>
>>> I just tested it manually, and deleting a record in DNS took the following args:
>>> samba-tool dns delete <server> <zone> <name> <Record Type> <record data>
>>>
>>> The example I used and succeeded on manually was: samba-tool dns
>>> delete dc1 domain.com sys-rstrebbing A 10.60.2.35 (My laptop). It ran
>>> fine.
>>> If I understand the logs correctly from your script, this is what it's passing:
>>> samba-tool dns delete dc1 domain.com 0 A 10.60.2.11 <---Example based
>>> on args given in the log file.
>>
>> No, my script isn't 'passing' 10.60.2.11 , it is what is being passed to
>> it by dhcp
>>
>>> So would it even be possible to grab the hostname on an expiring
>>> lease? Looking over the wiki again I noticed this comment on the code
>>> in dhcpd.conf
>>> In the on expiry block:
>>> # cannot get a ClientMac here, apparently this only works when
>>> actually receiving a packet
>>> and
>>> # cannot get a ClientName here, for some reason that always fails
>>
>> This is an artefact of dhcp, the bash script can only use what is passed
>> to it.
>>
>>
>>> By chance has the second one changed? Because otherwise samba doesn't
>>> seem to allow removing the record since the name of the record
>>> (ClientName) almost seems like it's a critical piece of this. Or if
>>> anyone else has come to another solution to get the information
>>> another way while the script runs.
>>
>> The different IP has something to do with your setup and is not
>> something I have ever seen, I cannot fix this, you need to find out why
>> the IP changed.
>>
> So that was on me. It's the correct IP, I just went into the log and
> pulled another instance on my last reply, apologies for the confusion.
> However you've just given me an idea as to what's happening to cause
> the failure on delete.
> Remember how I mentioned that even though the record was being added
> in DNS, the script said it failed?
>
> It's adding the forward A record, but it's failing to create the PTR
> record, hence why when it does the PTR lookup on the delete function
> it just has a 0 in the argument.
>
> So the issue is stemming from it not adding the PTR record on add. The
> thing is, aside from the message stating it failed, there is no other
> indication or other logging to determine what went wrong exactly while
> trying to execute that command.
>
> Ralph

Have you created the reverse zone(s) in AD?

Rowland
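
The delete path quoted in this thread pipes whatever `host -t PTR` prints through awk, so a failed lookup still produces some string that is handed on as the record name. As an added example (not part of the thread or of dhcp-dyndns.sh), the sketch below accepts only a real PTR answer and logs the raw lookup output otherwise; the function names `ptr_short_name` and `name_for_delete`, the `dhcp-dyndns` syslog tag and the sample `host` outputs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: strict replacement for the PTR-to-short-name pipeline.
# ptr_short_name and name_for_delete are hypothetical helpers, not part
# of dhcp-dyndns.sh.

# Parse the text printed by `host -t PTR <ip>` (passed as $1).
# Prints the short hostname and returns 0 only for a real PTR answer;
# returns 1 for NXDOMAIN, timeouts, empty output or an unexpected name.
ptr_short_name() {
    # A PTR answer reads: "<rev-name> domain name pointer <fqdn>."
    _fqdn=$(printf '%s\n' "$1" | awk '$4 == "pointer" { print $5; exit }')
    [ -n "${_fqdn}" ] || return 1
    _short=${_fqdn%%.*}
    # Accept only letters, digits and inner hyphens (assumed naming policy)
    case "${_short}" in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    printf '%s\n' "${_short}"
}

# Delete path: resolve the name, and on failure log the raw lookup output
# so a missing PTR record or reverse zone is visible in syslog.
name_for_delete() {
    _out=$(host -t PTR "$1" 2>&1)
    if ! ptr_short_name "${_out}"; then
        logger -t dhcp-dyndns "no usable PTR for $1: ${_out}"
        return 1
    fi
}

# Constructed sample outputs of `host -t PTR` (not taken from the logs)
sample_ok='35.2.60.10.in-addr.arpa domain name pointer sys-rstrebbing.domain.com.'
sample_nx='Host 11.2.60.10.in-addr.arpa. not found: 3(NXDOMAIN)'
ptr_short_name "${sample_ok}"
ptr_short_name "${sample_nx}" || echo "refused: no PTR answer"
```

In a script like the one discussed, the delete branch would call `name=$(name_for_delete "${ip}") || exit 1` before invoking `samba-tool dns delete`, so a failed lookup stops the run instead of becoming the record name.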