[Samba] Samba errors everyday at 00:00:00

Rowland Penny rpenny at samba.org
Fri Mar 22 16:26:11 UTC 2024


On Fri, 22 Mar 2024 15:33:19 +0000
Kamal Chikh echioukh <k_chikhechioukh at hotmail.com> wrote:

> Hello Rowland,
> 
> Thank you for your reply.
> 
> We manage zones other than the AD zone. These zones are stored
> in our AD (LDAP). To do this, we have set up the named-sdb service
> which listens on 127.0.0.2. Samba AD forwards all DNS requests that
> do not match the AD domain zone to named-sdb.
> 
> The problem is that these log errors only occur at 00:00:00 every day.
> 
>

It appears that 'something' is trying to add a SOA record to your AD
and failing, which is why you are getting the error message:

dns_server_process_query_got_auth: Failed to add SOA record:
WERR_DNS_ERROR_RCODE_FORMAT_ERROR

The code that is doing this is this:

	werr2 = add_zone_authority_record(state->dns, state, state->question, &state->nsrecs);
	if (tevent_req_werror(req, werr2)) {
		DBG_WARNING("Failed to add SOA record: %s\n", win_errstr(werr2));
		return;
	}

Now 'WERR_DNS_ERROR_RCODE_FORMAT_ERROR' is Samba for
Windows 'DNS_ERROR_RCODE_FORMAT_ERROR', error code 9001 (0x00002329),
which is computer talk for 'DNS server unable to interpret format.'

You need to find out what the 'something' is, stop it from sending the
SOA update or fix it to send the correct format. Of course it could be
trying to add a SOA record to a different zone than the ones your AD DC
is authoritative for (the AD ones).

I personally would not run another DNS server on a Samba DC (unless it
was BIND9 to replace the internal DNS server), I would run any other
external DNS server on a separate computer and forward to that.

Rowland
 


