samba - Jun 2024 - Bad DOMAINDNSZONES TDB : Hashes do not match records

Hi there, I think it's a good idea to start a new thread with this, which
seems to be the problem with my DC (single DC in AD, old 4.6, from sources).
There seems to be some "bad" record at offset 3878500: is there any
way to delete that record, or otherwise, know what record it is? Can I delete /
update that record from DNS app ? Can I delete / update that record using
tdbtool ? Can I do anything about it ? (if now is the answer to this, I am
starting from zero) tdbtool
/usr/local/samba/private/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=MYDOMAIN\,DC\=LAN.ldb
check Hashes do not match records Integrity check for the opened database
failed. If opening the database with tdbtool: tdb> keys key 26 bytes:
DN=@INDEX:NAME:PC-XSERRA3 key 30 bytes: DN=@INDEX:USNCREATED:15191561 key 93
bytes:
DN=DC=PC-ANA2,DC=MYDOMAIN.LAN,CN=MICROSOFTDNS,DC=DOMAINDNSZONES,DC=MYDOMAIN,DC=LAN
key 42 bytes: DN=@INDEX:OBJECTCLASS:MSDS-QUOTACONTAINER key 47 bytes:
DN=@INDEX:OBJECTGUID::o6dCEdfo/UK7a0mtUZ2DSA== key 30 bytes:
DN=@INDEX:USNCHANGED:16301850 key 84 bytes:
DN=DC=@,DC=ROOTDNSSERVERS,CN=MICROSOFTDNS,DC=DOMAINDNSZONES,DC=MYDOMAIN,DC=LAN
key 27 bytes: DN=@INDEX:USNCREATED:53399 tdb_rec_read bad magic 0xd9fee666 at
offset=3878500 tdb> dump [only last records shown] . . key 27 bytes
DN=@INDEX:USNCREATED:53399 data 156 bytes [000] 67 19 01 26 02 00 00 00 40 49 4E
44 45 58 3A 55 g..&... @INDEX:U [010] 53 4E 43 52 45 41 54 45 44 3A 35 33 33
39 39 00 SNCREATE D:53399 [020] 40 49 44 58 56 45 52 53 49 4F 4E 00 01 00 00 00
@IDXVERS ION.... [030] 01 00 00 00 32 00 40 49 44 58 00 01 00 00 00 58 ....2. at
I DX.....X [040] 00 00 00 44 43 3D 50 43 2D 41 49 52 2C 44 43 3D ...DC= PC -AIR
,DC= [050] 61 72 65 73 62 61 72 63 65 6C 6F 6E 61 2E 6C 61 mydomain.la [060] 6E
2C 43 4E 3D 4D 69 63 72 6F 73 6F 66 74 44 4E n,CN=MicrosoftDN [070] 53 2C 44 43
3D 44 6F 6D 61 69 6E 44 6E 73 5A 6F S,DC=DomainDnsZo [080] 6E 65 73 2C 44 43 3D
61 72 65 73 62 61 72 63 65 nes,DC=mydo [090] 6C 6F 6E 61 2C 44 43 3D 6C 61 6E 00
main,DC= lan tdb_rec_read bad magic 0xd9fee666 at offset=3878500 tdb> tdb>
hexkeys [only last records shown] key 26 bytes [000] 44 4E 3D 40 49 4E 44 45 58
3A 4E 41 4D 45 3A 50 DN=@INDE X:NAME:P [010] 43 2D 58 53 45 52 52 41 33 00
C-XSERRA 3 key 30 bytes [000] 44 4E 3D 40 49 4E 44 45 58 3A 55 53 4E 43 52 45
DN=@INDE X:USNCRE [010] 41 54 45 44 3A 31 35 31 39 31 35 36 31 00 ATED:151 91561
key 93 bytes [000] 44 4E 3D 44 43 3D 50 43 2D 41 4E 41 32 2C 44 43 DN=DC=PC
-ANA2,DC [010] 3D 41 52 45 53 42 41 52 43 45 4C 4F 4E 41 2E 4C =MYDOMAIN.L [020]
41 4E 2C 43 4E 3D 4D 49 43 52 4F 53 4F 46 54 44 AN,CN=MICROSOFTD [030] 4E 53 2C
44 43 3D 44 4F 4D 41 49 4E 44 4E 53 5A NS,DC=DOMAINDNSZ [040] 4F 4E 45 53 2C 44
43 3D 41 52 45 53 42 41 52 43 ONES,DC= MYD [050] 45 4C 4F 4E 41 2C 44 43 3D 4C
41 4E 00 OMAIN,DC =LAN key 42 bytes [000] 44 4E 3D 40 49 4E 44 45 58 3A 4F 42 4A
45 43 54 DN=@INDE X:OBJECT [010] 43 4C 41 53 53 3A 4D 53 44 53 2D 51 55 4F 54 41
CLASS:MS DS-QUOTA [020] 43 4F 4E 54 41 49 4E 45 52 00 CONTAINE R key 47 bytes
[000] 44 4E 3D 40 49 4E 44 45 58 3A 4F 42 4A 45 43 54 DN=@INDE X:OBJECT [010] 47
55 49 44 3A 3A 6F 36 64 43 45 64 66 6F 2F 55 GUID::o6 dCEdfo/U [020] 4B 37 61 30
6D 74 55 5A 32 44 53 41 3D 3D 00 K7a0mtUZ 2DSA== key 30 bytes [000] 44 4E 3D 40
49 4E 44 45 58 3A 55 53 4E 43 48 41 DN=@INDE X:USNCHA [010] 4E 47 45 44 3A 31 36
33 30 31 38 35 30 00 NGED:163 01850 key 84 bytes [000] 44 4E 3D 44 43 3D 40 2C
44 43 3D 52 4F 4F 54 44 DN=DC=@, DC=ROOTD [010] 4E 53 53 45 52 56 45 52 53 2C 43
4E 3D 4D 49 43 NSSERVER S,CN=MIC [020] 52 4F 53 4F 46 54 44 4E 53 2C 44 43 3D 44
4F 4D ROSOFTDN S,DC=DOM [030] 41 49 4E 44 4E 53 5A 4F 4E 45 53 2C 44 43 3D 41
AINDNSZO NES,DC=M [040] 52 45 53 42 41 52 43 45 4C 4F 4E 41 2C 44 43 3D
YDOMAIN,DC= [050] 4C 41 4E 00 LAN key 27 bytes [000] 44 4E 3D 40 49 4E 44 45 58
3A 55 53 4E 43 52 45 DN=@INDE X:USNCRE [010] 41 54 45 44 3A 35 33 33 39 39 00
ATED:533 99 tdb_rec_read bad magic 0xd9fee666 at offset=3878500 tdb> list:
(filtered to find "magic=0xd9fee666", and then just showing two
suspected entries with "full_hash=0x00000000", one has a particularly
large lengh. ) rec: hash=99 offset=0x0013a000 next=0x00009cec rec_len=2393472
key_len=0 data_len=0 full_hash=0x00000000 magic=0xd9fee666 rec: hash=99
offset=0x00009cec next=0x00000000 rec_len=168 key_len=0 data_len=0
full_hash=0x00000000 magic=0xd9fee666 tdb> info tdb_rec_read bad magic
0xd9fee666 at offset=3878500 Size of file/data: 5312512/515968 Header
offset/logical size: 0/5312512 Number of records: 636 Incompatible hash: no
Active/supported feature flags: 0x00000000/0x00000001 Robust mutexes locking: no
Smallest/average/largest keys: 12/46/142 Smallest/average/largest data:
49/764/23643 Smallest/average/largest padding: 6/185/5918 Number of dead
records: 1 Smallest/average/largest dead records: 1232872/1232872/1232872 Number
of free records: 50 Smallest/average/largest free records: 12/67785/2393472
Number of hash chains: 10000 Smallest/average/largest hash chains: 0/0/2 Number
of uncoalesced records: 2 Smallest/average/largest uncoalesced runs: 1/1/1
Percentage keys/data/padding/free/dead/rechdrs&tailers/hashes:
1/9/2/64/23/0/1 tdb> Let me know if I can supply any more info on this.
Thanks,

Apologies for the format. It?s been completely screwed up.

I?ll repost.

LP
On 24 Jun 2024 at 09:14 +0100, Luis Peromarta via samba <samba at
lists.samba.org>, wrote:
> Hi there, I think it's a good idea to start a new thread with this,
which seems to be the problem with my DC (single DC in AD, old 4.6, from
sources). There seems to be some "bad" record at offset 3878500: is
there any way to delete that record, or otherwise, know what record it is? Can I
delete / update that record from DNS app ? Can I delete / update that record
using tdbtool ? Can I do anything about it ? (if now is the answer to this, I am
starting from zero) tdbtool
/usr/local/samba/private/sam.ldb.d/DC\=DOMAINDNSZONES\,DC\=MYDOMAIN\,DC\=LAN.ldb
check Hashes do not match records Integrity check for the opened database
failed. If opening the database with tdbtool: tdb> keys key 26 bytes:
DN=@INDEX:NAME:PC-XSERRA3 key 30 bytes: DN=@INDEX:USNCREATED:15191561 key 93
bytes:
DN=DC=PC-ANA2,DC=MYDOMAIN.LAN,CN=MICROSOFTDNS,DC=DOMAINDNSZONES,DC=MYDOMAIN,DC=LAN
key 42 bytes: DN=@INDEX:OBJECTCLASS:MSDS-QUOTACONTAINER key 47 bytes:
DN=@INDEX:OBJECTGUID::o6dCEdfo/UK7a0mtUZ2DSA== key 30 bytes:
DN=@INDEX:USNCHANGED:16301850 key 84 bytes:
DN=DC=@,DC=ROOTDNSSERVERS,CN=MICROSOFTDNS,DC=DOMAINDNSZONES,DC=MYDOMAIN,DC=LAN
key 27 bytes: DN=@INDEX:USNCREATED:53399 tdb_rec_read bad magic 0xd9fee666 at
offset=3878500 tdb> dump [only last records shown] . . key 27 bytes
DN=@INDEX:USNCREATED:53399 data 156 bytes [000] 67 19 01 26 02 00 00 00 40 49 4E
44 45 58 3A 55 g..&... @INDEX:U [010] 53 4E 43 52 45 41 54 45 44 3A 35 33 33
39 39 00 SNCREATE D:53399 [020] 40 49 44 58 56 45 52 53 49 4F 4E 00 01 00 00 00
@IDXVERS ION.... [030] 01 00 00 00 32 00 40 49 44 58 00 01 00 00 00 58 ....2. at
I DX.....X [040] 00 00 00 44 43 3D 50 43 2D 41 49 52 2C 44 43 3D ...DC= PC -AIR
,DC= [050] 61 72 65 73 62 61 72 63 65 6C 6F 6E 61 2E 6C 61 mydomain.la [060] 6E
2C 43 4E 3D 4D 69 63 72 6F 73 6F 66 74 44 4E n,CN=MicrosoftDN [070] 53 2C 44 43
3D 44 6F 6D 61 69 6E 44 6E 73 5A 6F S,DC=DomainDnsZo [080] 6E 65 73 2C 44 43 3D
61 72 65 73 62 61 72 63 65 nes,DC=mydo [090] 6C 6F 6E 61 2C 44 43 3D 6C 61 6E 00
main,DC= lan tdb_rec_read bad magic 0xd9fee666 at offset=3878500 tdb> tdb>
hexkeys [only last records shown] key 26 bytes [000] 44 4E 3D 40 49 4E 44 45 58
3A 4E 41 4D 45 3A 50 DN=@INDE X:NAME:P [010] 43 2D 58 53 45 52 52 41 33 00
C-XSERRA 3 key 30 bytes [000] 44 4E 3D 40 49 4E 44 45 58 3A 55 53 4E 43 52 45
DN=@INDE X:USNCRE [010] 41 54 45 44 3A 31 35 31 39 31 35 36 31 00 ATED:151 91561
key 93 bytes [000] 44 4E 3D 44 43 3D 50 43 2D 41 4E 41 32 2C 44 43 DN=DC=PC
-ANA2,DC [010] 3D 41 52 45 53 42 41 52 43 45 4C 4F 4E 41 2E 4C =MYDOMAIN.L [020]
41 4E 2C 43 4E 3D 4D 49 43 52 4F 53 4F 46 54 44 AN,CN=MICROSOFTD [030] 4E 53 2C
44 43 3D 44 4F 4D 41 49 4E 44 4E 53 5A NS,DC=DOMAINDNSZ [040] 4F 4E 45 53 2C 44
43 3D 41 52 45 53 42 41 52 43 ONES,DC= MYD [050] 45 4C 4F 4E 41 2C 44 43 3D 4C
41 4E 00 OMAIN,DC =LAN key 42 bytes [000] 44 4E 3D 40 49 4E 44 45 58 3A 4F 42 4A
45 43 54 DN=@INDE X:OBJECT [010] 43 4C 41 53 53 3A 4D 53 44 53 2D 51 55 4F 54 41
CLASS:MS DS-QUOTA [020] 43 4F 4E 54 41 49 4E 45 52 00 CONTAINE R key 47 bytes
[000] 44 4E 3D 40 49 4E 44 45 58 3A 4F 42 4A 45 43 54 DN=@INDE X:OBJECT [010] 47
55 49 44 3A 3A 6F 36 64 43 45 64 66 6F 2F 55 GUID::o6 dCEdfo/U [020] 4B 37 61 30
6D 74 55 5A 32 44 53 41 3D 3D 00 K7a0mtUZ 2DSA== key 30 bytes [000] 44 4E 3D 40
49 4E 44 45 58 3A 55 53 4E 43 48 41 DN=@INDE X:USNCHA [010] 4E 47 45 44 3A 31 36
33 30 31 38 35 30 00 NGED:163 01850 key 84 bytes [000] 44 4E 3D 44 43 3D 40 2C
44 43 3D 52 4F 4F 54 44 DN=DC=@, DC=ROOTD [010] 4E 53 53 45 52 56 45 52 53 2C 43
4E 3D 4D 49 43 NSSERVER S,CN=MIC [020] 52 4F 53 4F 46 54 44 4E 53 2C 44 43 3D 44
4F 4D ROSOFTDN S,DC=DOM [030] 41 49 4E 44 4E 53 5A 4F 4E 45 53 2C 44 43 3D 41
AINDNSZO NES,DC=M [040] 52 45 53 42 41 52 43 45 4C 4F 4E 41 2C 44 43 3D
YDOMAIN,DC= [050] 4C 41 4E 00 LAN key 27 bytes [000] 44 4E 3D 40 49 4E 44 45 58
3A 55 53 4E 43 52 45 DN=@INDE X:USNCRE [010] 41 54 45 44 3A 35 33 33 39 39 00
ATED:533 99 tdb_rec_read bad magic 0xd9fee666 at offset=3878500 tdb> list:
(filtered to find "magic=0xd9fee666", and then just showing two
suspected entries with "full_hash=0x00000000", one has a particularly
large lengh. ) rec: hash=99 offset=0x0013a000 next=0x00009cec rec_len=2393472
key_len=0 data_len=0 full_hash=0x00000000 magic=0xd9fee666 rec: hash=99
offset=0x00009cec next=0x00000000 rec_len=168 key_len=0 data_len=0
full_hash=0x00000000 magic=0xd9fee666 tdb> info tdb_rec_read bad magic
0xd9fee666 at offset=3878500 Size of file/data: 5312512/515968 Header
offset/logical size: 0/5312512 Number of records: 636 Incompatible hash: no
Active/supported feature flags: 0x00000000/0x00000001 Robust mutexes locking: no
Smallest/average/largest keys: 12/46/142 Smallest/average/largest data:
49/764/23643 Smallest/average/largest padding: 6/185/5918 Number of dead
records: 1 Smallest/average/largest dead records: 1232872/1232872/1232872 Number
of free records: 50 Smallest/average/largest free records: 12/67785/2393472
Number of hash chains: 10000 Smallest/average/largest hash chains: 0/0/2 Number
of uncoalesced records: 2 Smallest/average/largest uncoalesced runs: 1/1/1
Percentage keys/data/padding/free/dead/rechdrs&tailers/hashes:
1/9/2/64/23/0/1 tdb> Let me know if I can supply any more info on this.
Thanks,
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba