Roy Eastwood
2021-Dec-15 21:40 UTC
[Samba] DNS PTR update fails if IP is reused by another client
On Sun, 12 Dec 2021, 16:59 Andrew Bartlett via samba, <samba at lists.samba.org> wrote:> DNS has two levels of tombstones, because clients so often do a > delete/add cycle it would quickly fill the DB (this used to happen, > long ago I was helping out a school with 100,000 DNS tombstones). > > So objects become DNS 'deleted' but still owned (for SD purposes) by > the original name, then those get scavenged and become properly deleted > (so no squatting on that name). > > Andrew BartlettSo how do I allow the record to be created? I am still getting these error messages. How long is it before the records get scavenged automatically? Thanks, Roy
Rowland Penny
2021-Dec-15 22:17 UTC
[Samba] DNS PTR update fails if IP is reused by another client
On Wed, 2021-12-15 at 21:40 +0000, Roy Eastwood via samba wrote:> On Sun, 12 Dec 2021, 16:59 Andrew Bartlett via samba, < > samba at lists.samba.org> > wrote: > > DNS has two levels of tombstones, because clients so often do a > > delete/add cycle it would quickly fill the DB (this used to happen, > > long ago I was helping out a school with 100,000 DNS tombstones). > > > > So objects become DNS 'deleted' but still owned (for SD purposes) > > by > > the original name, then those get scavenged and become properly > > deleted > > (so no squatting on that name). > > > > Andrew Bartlett > > So how do I allow the record to be created? I am still getting > these > error messages. How long is it before the records get scavenged > automatically?I was unaware about dns tombstones, so I did some searching and found this: https://it-hint.blogspot.com/2011/11/dns-tombstones-in-windows-2003-and-2008.html Which explains it a bit better, a further search turned up this: https://support.hpe.com/hpesc/public/docDisplay?docId=c01276134&docLocale=en_US>From that, it looks like you just need to find the DN of the dns objectyou wish to delete and then use ldbdel to delete it. I have not tested it, so if you do this, you do this at your own risk and I would ensure that I have a current backup before I tried. Rowland