samba - Jan 2021 - Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog

On 29/01/2021 19:12, ralph strebbing wrote:
> On Fri, Jan 29, 2021 at 1:52 PM Rowland penny via samba
> <samba at lists.samba.org> wrote:
>> On 29/01/2021 18:06, ralph strebbing wrote:
>>> These records specifically are generated by the script from DHCP.
>>> Looking at what it's passing (in the previous log file), I
think the
>>> issue is stemming from the script grabbing and passing the MAC, but
>>> not the hostname, which is what Samba-tool uses.
>>
>> If you are adding a record, dhcp should be passing the hostname:
>>
>> Jan 11 15:08:50 dc4 dhcpd[2228]: Commit: IP: 192.168.0.73 DHCID:
>> cc:4e:ec:1f:48:ef Name: HUMAX
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[0] >>
/usr/local/bin/dhcp-dyndns.sh
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[1] = add
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[2] =
192.168.0.73
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[3] >>
cc:4e:ec:1f:48:ef
>> Jan 11 15:08:50 dc4 dhcpd[2228]: execute_statement argv[4] = HUMAX
>>
>> If it isn't, you need to find out why, the script depends on
receiving
>> the required data.
>>
>> If you are deleting a record, then the script just requires the IP, the
>> hostname will be found by this:
>>
>> # Exit if no computer name supplied, unless the action is
'delete'
>> if [ -z "${name}" ]; then
>>       if [ "${action}" = "delete" ]; then
>>           name=$(host -t PTR "${ip}" | awk '{print
$NF}' | awk -F '.'
>> '{print $1}')
>>       else
>>           usage
>>           exit 1;
>>       fi
>> fi
>>
>> That piece of code should obtain the short hostname from the IP, unless
>> the record does not exist or the wrong data is being returned by the
>> 'host' command.
>>
> Clarifying: adding the record does contain the hostname, it adds it
> successfully.
>
>>> I just tested it manually, and deleting a record in DNS took the
following args:
>>> samba-tool dns delete <server> <zone> <name>
<Record Type> <record data>
>>>
>>> The example I used and succeeded on manually was: samba-tool dns
>>> delete dc1 domain.com sys-rstrebbing A 10.60.2.35 (My laptop). It
ran
>>> fine.
>>> If I understand the logs correctly from your script, this is what
it's passing:
>>> samba-tool dns delete dc1 domain.com 0 A 10.60.2.11 <---Example
based
>>> on args given in the log file.
>>
>> No, my script isn't 'passing' 10.60.2.11 , it is what is
being passed to
>> it by dhcp
>>
>>> So would it even be possible to grab the hostname on an expiring
>>> lease? Looking over the wiki again I noticed this comment on the
code
>>> in dhcpd.conf
>>> In the on expiry block:
>>> # cannot get a ClientMac here, apparently this only works when
>>> actually receiving a packet
>>> and
>>> # cannot get a ClientName here, for some reason that always fails
>>
>> This is an artefact of dhcp, the bash script can only use what is
passed
>> to it.
>>
>>
>>> By chance has the second one changed? Because otherwise samba
doesn't
>>> seem to allow removing the record since the name of the record
>>> (ClientName) almost seems like it's a critical piece of this.
Or if
>>> anyone else has come to another solution to get the information
>>> another way while the script runs.
>>
>> The different IP has something to do with your setup and is not
>> something I have ever seen, I cannot fix this, you need to find out why
>> the IP changed.
>>
> So that was on me. It's the correct IP, I just went into the log and
> pulled another instance on my last reply, apologies for the confusion.
> However you've just given me an idea as to what's happening to
cause
> the failure on delete.
> Remember how I mentioned that even though the record was being added
> in DNS, the script said it failed?
>
> It's adding the forward A record, but it's failing to create the
PTR
> record, hence why when it does the PTR lookup on the delete function
> it just has a 0 in the argument.
>
> So the issue is stemming from it not adding the PTR record on add. The
> thing is, aside from the message stating it failed, there is no other
> indication or other logging to determine what went wrong exactly while
> trying to execute that command.
>
> Ralph

Have you created the reversezone(s) in AD ?

Rowland

On Fri, Jan 29, 2021 at 2:22 PM Rowland penny via samba
<samba at lists.samba.org> wrote:
>
> Have you created the reversezone(s) in AD ?
>
Only if I'm manually creating the DNS Entry (e.g pbx.domain.com
pointing to an IP of another static device pbx1). Aside from that, I
thought that the script was creating them on the 'add' function.

Ralph