Patrick Goetz
2022-Aug-26 20:05 UTC
[Samba] After a power outage Samba DNS is no longer working properly
OS: Ubuntu 20.04.3
Samba version: 4.15.2 from Louis' repo
We suffered a power outage after which Samba DNS resolution no longer
works and I can't figure out why. The domain controller continues to be
aware of its client machines:
root at samba-dc:~# samba-tool dns query samba-dc ea.my_org.org ea124 A -U
Administrator
Password for [EA\Administrator]:
Name=, Records=1, Children=0
A: 172.18.90.124 (flags=f0, serial=110, ttl=1200)
root at samba-dc:~# samba-tool dns query samba-dc 90.18.172.in-addr.arpa
124 PTR -U Administrator
Password for [EA\Administrator]:
Name=, Records=1, Children=0
PTR: EA124.ea.my_org.org (flags=f0, serial=7, ttl=900)
However, on the Windows 10 clients (specifically ea124)
net use G: \\data2\share
gives a characteristically cryptic Microsoft error message: Error 53
which turns out to mean it can't resolve the host name. If I substitute
the share server's IP address:
net use G: \\127.18.90.30\share
then the mount executes as one would expect.
The Wiki page here: https://wiki.samba.org/index.php/DNS_Administration
is very sparse on details of how one would go about debugging or
repairing this issue. I seem to recall people running into this on much
larger networks than mine, but googling and searching the list didn't
bring up any useful information.
Anyone have any ideas?
Patrick Goetz
2022-Aug-26 23:15 UTC
[Samba] After a power outage Samba DNS is no longer working properly
Oh, I should add to this that is searching the web I found this command: root at samba-dc:~# samba_dnsupdate --verbose --all-names That results in, among other things, errors that look like this: ---------------------------------------------- ; TSIG error with server: tsig verify failure Failed nsupdate: 2 update(nsupdate): SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ea.my_org.org samba-dc.ea.my_org.org 389 Calling nsupdate for SRV _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ea.my_orgs.org samba-dc.ea.my_org.org 389 (add) Successfully obtained Kerberos ticket to DNS/samba-dc.ea.myorg.org as SAMBA-DC$ Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION: _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ea.my_org.org. 900 IN SRV 0 100 389 samba-dc.ea.my_org.org. ; TSIG error with server: tsig verify failure Failed nsupdate: 2 Failed update of 29 entries ---------------------------------------------- <rant>I ran a Samba 3 server for this org for 12 years. In their previous locations they had power outages on an almost weekly basis and yet Samba 3 *never* crashed and burned. Now running Samba 4 in a new location, and the very first time there's a power hiccup it falls part. There is literally nothing which should make the software fail like this.</rant> On 8/26/22 15:05, Patrick Goetz via samba wrote:> > ? OS: Ubuntu 20.04.3 > ? Samba version: 4.15.2 from Louis' repo > > We suffered a power outage after which Samba DNS resolution no longer > works and I can't figure out why.? The domain controller continues to be > aware of its client machines: > > root at samba-dc:~# samba-tool dns query samba-dc ea.my_org.org ea124 A -U > Administrator > Password for [EA\Administrator]: > ? Name=, Records=1, Children=0 > ??? A: 172.18.90.124 (flags=f0, serial=110, ttl=1200) > > > root at samba-dc:~# samba-tool dns query samba-dc 90.18.172.in-addr.arpa > 124 PTR -U Administrator > Password for [EA\Administrator]: > ? Name=, Records=1, Children=0 > ??? PTR: EA124.ea.my_org.org (flags=f0, serial=7, ttl=900) > > However, on the Windows 10 clients (specifically ea124) > > ? net use G: \\data2\share > > gives a characteristically cryptic Microsoft error message: Error 53 > which turns out to mean it can't resolve the host name.? If I substitute > the share server's IP address: > > ? net use G: \\127.18.90.30\share > > then the mount executes as one would expect. > > The Wiki page here: > https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.samba.org%2Findex.php%2FDNS_Administration&data=05%7C01%7C%7C72149244adb241bddc9d08da87a0b21e%7C31d7e2a5bdd8414e9e97bea998ebdfe1%7C0%7C0%7C637971421504331373%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=UhNlXcoit6hdPl%2Bs2HteeiG6hYR%2FAavVPN0eypf8jSc%3D&reserved=0 > > > is very sparse on details of how one would go about debugging or > repairing this issue.? I seem to recall people running into this on much > larger networks than mine, but googling and searching the list didn't > bring up any useful information. > > Anyone have any ideas? > > >