samba - Nov 2021 - Device ends up with multiple dns records and IP addresses

On 09/11/2021 14:29, Rowland Penny via samba wrote:
> On Tue, 2021-11-09 at 13:08 +0000, Sebastian Arcus via samba wrote:
>>
>> I have just checked this server today, and the printer has two IP
>> addresses again:
>>
>>
>> # host SEC001599AB9439
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.235
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.229
>>
>>
>> There are some other hosts with multiple IP's - an iPhone has 5 IP
>> addresses.
>>
>> I then went to test manually adding a record with two IP addresses
>> to
>> the dns server using the dhcp-dyndns.sh script:
>>
>>
>>
>> /etc/dhcpd.d# ./dhcp-ddns.sh add 192.168.51.200 abcdef test1
> 
> What OS is this running on ?
> I do not recognise '/etc/dhcpd.d'
> 
>>
>> However, by inserting debug statements, I discovered that the line
>> above
> 
> Can you supply the script line that crashes for you.
Ok - I might have a bit more useful information. I've added lots of 
debug lines in the script and the source of the error messages seems to 
be two fold: if there is already an A record in the dns back-end with 
multiple IPs, and/or a PTR record with multiple hostnames, both the 
corresponding "samba-tool dns delete ..." statements fail with those 
errors. Then everything snowballs down the hill, as every time the 
device gets a new IP address, the script keeps on adding more multiple 
records to the database, with no chance of recovering from there.

I still don't know for sure how did the multiple records happen in the 
first place. I do know however why I was still getting the error after 
deleting all the IPs in the dns back-end for this printer - it's because 
I didn't realise that there was also a PTR record with multiple 
hostnames, as well as the A record with multiple IPs.

Does the above help a bit? I don't know if the script should be changed 
to recognise multiple IP's / hostnames being returned when querying the 
dns back-end - and cope with that scenario? Or maybe that should just 
never ever happen in the first place?

On Wed, 2021-11-10 at 15:06 +0000, Sebastian Arcus via samba
wrote:
> On 09/11/2021 14:29, Rowland Penny via samba wrote:
> > On Tue, 2021-11-09 at 13:08 +0000, Sebastian Arcus via samba wrote:
> > > I have just checked this server today, and the printer has two IP
> > > addresses again:
> > > 
> > > 
> > > # host SEC001599AB9439
> > > SEC001599AB9439.ihs-uk.lan has address 192.168.51.235
> > > SEC001599AB9439.ihs-uk.lan has address 192.168.51.229
> > > 
> > > 
> > > There are some other hosts with multiple IP's - an iPhone has
5
> > > IP
> > > addresses.
> > > 
> > > I then went to test manually adding a record with two IP
> > > addresses
> > > to
> > > the dns server using the dhcp-dyndns.sh script:
> > > 
> > > 
> > > 
> > > /etc/dhcpd.d# ./dhcp-ddns.sh add 192.168.51.200 abcdef test1
> > 
> > What OS is this running on ?
> > I do not recognise '/etc/dhcpd.d'
> > 
> > > However, by inserting debug statements, I discovered that the
> > > line
> > > above
> > 
> > Can you supply the script line that crashes for you.
> 
> Ok - I might have a bit more useful information. I've added lots of 
> debug lines in the script and the source of the error messages seems
> to 
> be two fold: if there is already an A record in the dns back-end
> with 
> multiple IPs, and/or a PTR record with multiple hostnames, both the 
> corresponding "samba-tool dns delete ..." statements fail with
those
> errors. Then everything snowballs down the hill, as every time the 
> device gets a new IP address, the script keeps on adding more
> multiple 
> records to the database, with no chance of recovering from there.
> 
> I still don't know for sure how did the multiple records happen in
> the 
> first place. I do know however why I was still getting the error
> after 
> deleting all the IPs in the dns back-end for this printer - it's
> because 
> I didn't realise that there was also a PTR record with multiple 
> hostnames, as well as the A record with multiple IPs.
> 
> Does the above help a bit? I don't know if the script should be
> changed 
> to recognise multiple IP's / hostnames being returned when querying
> the 
> dns back-end - and cope with that scenario? Or maybe that should
> just 
> never ever happen in the first place?
OK, try upgrading the script, the latest version has this:

    add)
        _KERBEROS
        count=0
        # does host have an existing 'A' record ?
        A_REC=$(samba-tool dns query ${Server} ${domain} ${name} A -k
yes 2>/dev/null | grep 'A:' | awk '{print $2}')
        if [[ -z $A_REC ]]; then
            # no A record to delete
            result1=0
            samba-tool dns add ${Server} ${domain} "${name}" A ${ip}
-k
yes
            result2="$?"
        elif [ "$A_REC" = "${ip}" ]; then
              # Correct A record exists, do nothing
              logger "Correct 'A' record exists, not
updating."
              result1=0
              result2=0
              count=$((count+1))
        elif [ "$A_REC" != "${ip}" ]; then
              # Wrong A record exists
              logger "'A' record changed, updating record."
              samba-tool dns delete ${Server} ${domain} "${name}" A
${A_REC} -k yes
              result1="$?"
              samba-tool dns add ${Server} ${domain} "${name}" A ${ip}
-k yes
              result2="$?"
        fi

The script now checks if the record exists and then does one of three
things:

It adds the record if one doesn't exist

If the record exists and it matches the supplied data, it does nothing

If the record exists and it doesn't match the supplied data, the record
is deleted and a new record added

The 0.9.0 version of the script did not do this.

Rowland