search for: rootdnsserv

...samba-tool could be enhanced to make changing the root >>> hints possible? It can handle "normal" DNS records, so I wouldn't >>> expect non-trivial showstoppers... >>> >> This was my first thought, but after comparing the record in AD for >> 'RootDNSServers' with the forward zone, it is a zone, but 'samba-tool >> dns zonelist' doesn't show it. It looks like the 'C' code is where the >> problem lies. >> >> I am going to raise a bug report for this. >> >> Rowland >> >> >> &...

The RootDNSServers zone is special in a number of ways. It has no SOA record for instance, and so there's a lot of special casing around it. Looking on a Windows DC, dnscmd /enumzones lists dot as a zone and dnscmd /enumrecords . returns the root servers (as well as ..RootHints it seems). None of this is our c...

...tion in our code was to be able to > > add/modify records with the "." zone. Trying it, there seems to be > > other issues with using it. I'm not entirely sure if this alias is > > valid against Windows or for which calls. > > The zone is definitely called 'RootDNSServers' not '.' > > If something looks like a duck, walks like a duck and quacks like a > duck, it is a duck. > > The object in AD for 'RootDNSServers' looks like a zone record, it is > in 'CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com' and...

...file-for-bind-named-server/ > The OP basically did that manually, but it didn't change the record in AD. The record is an 'A' record, but 'samba-tool dns update' will not change it, because it claims the zone does not exist. The record has this DN: DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com So the zone seems to be 'RootDNSServers' but this doesn't seem to exist :-( Rowland

...zone > '_msdcs.lindom.example.local' > > This tells that named will use bind_dlz module for 2 zones > (lindom.example.local and _msdcs.lindom.example.local). > Yes, this is what happens for me, along with the reverse zone. > > > The only reason for keeping the RootDNSServers zone in the AD > database is to interoperate with windows AD server running DNS > service. > > So updating DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones > zone for changing root servers is absolutely useless with bind-dlz > set up. BIND named will never look at the ent...

...like the original intention in our code was to be able to > add/modify records with the "." zone. Trying it, there seems to be > other issues with using it. I'm not entirely sure if this alias is > valid against Windows or for which calls. The zone is definitely called 'RootDNSServers' not '.' If something looks like a duck, walks like a duck and quacks like a duck, it is a duck. The object in AD for 'RootDNSServers' looks like a zone record, it is in 'CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com' and it has the 'objectClass&...

...manually, but it didn't change the record > > in AD. > > The record is an 'A' record, but 'samba-tool dns update' will not > > change it, because it claims the zone does not exist. The record has > > this DN: > > > > DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com > > > > So the zone seems to be 'RootDNSServers' but this doesn't seem to > > exist :-( > > Exactly. > > Of course, I could try and change the data using ldbedit, but AD DNS > records ar...

...;/ dn: > />>/ DC=samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au > />>/ > />>/ name: samba4.scem.westernsydney.edu.au > />>/ > />>/ # record 2 > />>/ dn: > />>/ DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au > />>/ > />>/ name: RootDNSServers > />>/ > />>/ # record 3 > />>/ dn: > />>/ DC=_msdcs.samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=ForestDnsZones,D...

Hi, we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1. The DNS server (192.168.0.200) is operated by bind with the samba DLZ module. It also hosts several zones outside of samba. Every couple of hours, I get messages like these on the server: Jun 5 23:04:58 ucsdc1 daemon:[warning] checkhints: h.root-servers.net/A (198.97.190.53) missing from hints Jun 5 23:04:58 ucsdc1

...hange the > > > record in AD. > > > The record is an 'A' record, but 'samba-tool dns update' will not > > > change it, because it claims the zone does not exist. The record > > > has this DN: > > > > > > DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com > > > > > > So the zone seems to be 'RootDNSServers' but this doesn't seem to > > > exist :-( > > > > Exactly. > > > > Of course, I could try and change the data using...

...#39; > > > > This tells that named will use bind_dlz module for 2 zones > > (lindom.example.local and _msdcs.lindom.example.local). > > > > Yes, this is what happens for me, along with the reverse zone. > > > > > > > The only reason for keeping the RootDNSServers zone in the AD > > database is to interoperate with windows AD server running DNS > > service. > > > > So updating DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones > > zone for changing root servers is absolutely useless with bind-dlz > > set up. BIND nam...

...> The OP basically did that manually, but it didn't change the record in > AD. > The record is an 'A' record, but 'samba-tool dns update' will not > change it, because it claims the zone does not exist. The record has > this DN: > > DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com > > So the zone seems to be 'RootDNSServers' but this doesn't seem to > exist :-( Exactly. Of course, I could try and change the data using ldbedit, but AD DNS records are stored in a binary encoded data struct...

...configuration option "dns forwarder"). Then internal dns server will > forward all the queries which it cannot resolve using the domains in > the AD database to this dns server. Bind9 needs forwarders setting as well > > > > Is there some reason not to use the 'RootDNSServers' zone with > > Bind9 ? > > > > Is there some reason why BIND should? The root dns servers are fairly > static. > It seems strange to have the zone in AD and not use it and I have never seen it documented anywhere that it isn't used by either of the DNS servers...

...I don't have an English Windows > version at my disposal, but loosely translated it would be something > like "The name could not be found".) > > Thus, my question is: What is the correct way to update Samba's root > hints? > > The only reason for keeping the RootDNSServers zone in the AD database is to interoperate with windows AD server running DNS service. So updating DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones zone for changing root servers is absolutely useless with bind-dlz set up. BIND named will never look at the entries in this zone for root do...

...gt; > > > # record 1 > > dn: > > DC=samba4.scem.westernsydney.edu.au > ,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au > > > > name: samba4.scem.westernsydney.edu.au > > > > # record 2 > > dn: > > > DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au > > > > name: RootDNSServers > > > > # record 3 > > dn: > > DC=_msdcs.samba4.scem.westernsydney.edu.au > ,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samba4,DC=scem,DC=westernsydney,...

...find is something that >>> looks like this: >>> >>> dn: >>> DC=DomainDnsZones,DC=example.local,CN=MicrosoftDNS,CN=System,DC=example,DC=local > > I think I have the same setup. > In CN=MicrosoftDNS,DC=DomainDnsZones,DC=COMPANY,DC=NET I only have > DC=RootDNSServers. > My DNS zones are under CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET > With host entries like: > DC=D-99,DC=company.net,CN=MicrosoftDNS,CN=System,DC=COMPANY,DC=NET > > In this post Amitay suggests: >> The older versions of window server (2003 and older) created the DNS &gt...

...uot;." { type hint; file "named.root"; }; # localhost zone zone "localhost" { type master; file "master/localhost.zone"; }; # 127.0.0. zone. zone "0.0.127.in-addr.arpa" { type master; file "master/0.0.127.zone"; }; These zones are also in DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=<domain>,DC=corp The log parts. 31-Oct-2018 13:26:56.585 processing statistics channel 127.0.0.1#8653 31-Oct-2018 13:26:56.585 statistics channel listening on 127.0.0.1#8653 31-Oct-2018 13:26:56.585 using default UDP/IPv4 port range: [1024, 65535] 31...

...host zone > zone "localhost" { > type master; > file "master/localhost.zone"; > }; > > # 127.0.0. zone. > zone "0.0.127.in-addr.arpa" { > type master; > file "master/0.0.127.zone"; > }; > > These zones are also in > DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=<domain>,DC=corp They may be, but they are not Samba dns zones and are not causing the problem, as proof I have them in my setup without problem. > > The log parts. > > 31-Oct-2018 13:26:56.585 processing statistics channel 127.0.0.1#86...

...pack: re-packed 10000 records so far > Repacking database from v1 to v2 format (first record > CN=site-Display,CN=401,CN=DisplaySpecifiers,CN=Configuration,DC=mydomain,DC=ext) > Repack: re-packed 10000 records so far > Repacking database from v1 to v2 format (first record > DC=@,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=mydomain,DC=ext) > Repacking database from v1 to v2 format (first record > DC=@,DC=..TrustAnchors,CN=MicrosoftDNS,DC=ForestDnsZones,DC=mydomain,DC=ext) > Repacking database from v1 to v2 format (first record CN=RID > Set\0ADEL:943f4350-d597-46f3...

...samba,DC=laurenz,DC=ws) Repack: re-packed 10000 records so far Repacking database from v1 to v2 format (first record CN=IntellimirrorSCP-Display,CN=411,CN=DisplaySpecifiers,CN=Configuration,DC= samba,DC=laurenz,DC=ws) Repacking database from v1 to v2 format (first record DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC =samba,DC=laurenz,DC=ws) Repacking database from v1 to v2 format (first record DC=_ldap._tcp.Default-First-Site-Name._sites.gc,DC=_msdcs.samba.laurenz.ws,C N=MicrosoftDNS,DC=ForestDnsZones,DC=samba,DC=laurenz,DC=ws) Repacking database from v1 to v2 format (...