Rowland Penny
2021-Dec-11 13:36 UTC
[Samba] DNS PTR update fails if IP is reused by another client
On Sat, 2021-12-11 at 13:02 +0000, spindles seven wrote:
> On 11 December 2021 12:17 Rowland Penny wrote:
> > I personally think the 'tombstone' is a bit of a red herring. If you
> > re-install a machine with the same name, ip etc, even if it looks like
> > the same machine to you, to Windows it is a different machine and that
> > new machine will not be able to alter any records for the old machine.
> >
> > > If so is there a workaround?
> >
> > You could try deleting the old records and let your new machine create
> > new ones.
> >
> > Rowland
>
> Thanks Rowland. Yes, I tried that, the A record in the forward
> zone and the PTR record in the reverse zone for the old machine
> (LION-X99) was deleted, but still getting these errors for the new
> machine (LION). Or did you mean deleting the tombstoned records?
>
> BTW it created the A record in the forward zone automatically when I
> joined the new machine to the domain. It's just the PTR record
> that's not being allowed to be created automatically.

There is something going very wrong here. When you delete a dns object
in AD, it isn't really deleted. It has a few attributes removed and is
renamed and then moved to
'CN=Deleted Objects,DC=DomainDnsZones,DC=samdom,DC=example,DC=com'

This means that the reverse record shouldn't be there when Windows
tries to create/alter the record.

Rowland
Andrew Bartlett
2021-Dec-12 16:58 UTC
[Samba] DNS PTR update fails if IP is reused by another client
On Sat, 2021-12-11 at 13:36 +0000, Rowland Penny via samba wrote:
> There is something going very wrong here. When you delete a dns object
> in AD, it isn't really deleted. It has a few attributes removed and is
> renamed and then moved to
> 'CN=Deleted Objects,DC=DomainDnsZones,DC=samdom,DC=example,DC=com'
>
> This means that the reverse record shouldn't be there when Windows
> tries to create/alter the record.

DNS has two levels of tombstones, because clients so often do a
delete/add cycle it would quickly fill the DB (this used to happen, long
ago I was helping out a school with 100,000 DNS tombstones).

So objects become DNS 'deleted' but still owned (for SD purposes) by the
original name, then those get scavenged and become properly deleted (so
no squatting on that name).

Andrew Bartlett
--
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source Solutions
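
An added example, not part of either message and not Samba's own code: a small classifier that sorts dnsNode entries from an LDIF dump into the two tombstone levels described above. It assumes the first level is marked by the AD attribute `dNSTombstoned: TRUE` and the second by `isDeleted: TRUE`; the sample LDIF, record names and GUID are constructed.

```python
# Constructed sample LDIF for a reverse zone (values are illustrative only).
SAMPLE_LDIF = r"""
dn: DC=10,DC=1.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
objectClass: dnsNode
name: 10

dn: DC=12,DC=1.168.192.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
objectClass: dnsNode
name: 12
dNSTombstoned: TRUE

dn: DC=14\0ADEL:00000000-0000-0000-0000-000000000000,CN=Deleted Objects,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
objectClass: dnsNode
isDeleted: TRUE
"""

def parse_ldif(text):
    """Parse simple LDIF (no line folding, no base64) into attr -> [values] dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            attr, value = line.split(": ", 1)
            entry.setdefault(attr.lower(), []).append(value)
        if "dn" in entry:
            entries.append(entry)
    return entries

def is_true(entry, attr):
    return any(v.upper() == "TRUE" for v in entry.get(attr.lower(), []))

def classify(entry):
    # Level 2: scavenged and moved to Deleted Objects; the name is free again.
    if is_true(entry, "isDeleted"):
        return "deleted"
    # Level 1: DNS 'deleted' but still in the zone and still owned by the
    # original creator, so another machine's secure update can be refused.
    if is_true(entry, "dNSTombstoned"):
        return "dns-tombstoned"
    return "live"

def report(text):
    """Return (relative DN, state) for every entry in the LDIF text."""
    return [(e["dn"][0].split(",", 1)[0], classify(e)) for e in parse_ldif(text)]

if __name__ == "__main__":
    for rdn, state in report(SAMPLE_LDIF):
        print(f"{state:15} {rdn}")
```

A PTR node that shows up as `dns-tombstoned` here is the case Andrew describes: gone from DNS answers, but its security descriptor still names the old machine as owner.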