migration bind9 flat file to DLZ

Thu Feb 9 01:21:59 MST 2012

Hi Andreas,

On Thu, Feb 9, 2012 at 7:05 PM, Andreas Oster <aoster at novanetwork.de> wrote:

>  Hi Amitay,
>
> Am 09.02.2012 08:54, schrieb Amitay Isaacs:
>
> Hi Andreas,
>
> On Thu, Feb 9, 2012 at 6:41 PM, Andreas Oster <aoster at novanetwork.de> <aoster at novanetwork.de> wrote:
>
>
>  now the upgradedns script completed without any errors. The bind9 demon
> could
> load the data but something seems to be wrong. I am not allowed to edit the
> novanetwork.loc Forward Lookup Zone.  In DNS administration tool I get the
> following
> error when selecting "novanetwork.loc": Zone not loaded by DNS Server
> The rest seems to be OK.
>
> Thank you for your great efforts and kind help.
>
> best regards
>
> Andreas
>
>
>  I am assuming that you are using relatively recent source from git master for
> running samba. Can you see the records from the zone in dns management
> tool?
>
>  last git pull was yesterday, so sources are up to date.
>
>
>
>  Are you able to run samba-tool dns commands? For example,
>
>    samba-tool dns serverinfo <server> -U administrator%<password>
>
>
> /usr/local/samba/bin/samba-tool dns serverinfo novadc01 -U administrator
> Password for [NOVA\administrator]:
>   dwVersion                   : 0xece0205
>   fBootMethod                 : DNS_BOOT_METHOD_DIRECTORY
>   fAdminConfigured            : FALSE
>   fAllowUpdate                : TRUE
>   fDsAvailable                : TRUE
>   pszServerName               : NOVADC01.novanetwork.loc
>   pszDsContainer              :
> CN=MicrosoftDNS,DC=DomainDnsZones,DC=novanetwork,DC=loc
>   aipServerAddrs              : ['255.255.255.255 (53)', '255.255.255.255
> (53)']
>   aipListenAddrs              : ['255.255.255.255 (53)', '255.255.255.255
> (53)']
>   aipForwarders               : []
>   dwLogLevel                  : 0
>   dwDebugLevel                : 0
>   dwForwardTimeout            : 3
>   dwRpcPrototol               : 0x5
>   dwNameCheckFlag             : DNS_ALLOW_MULTIBYTE_NAMES
>   cAddressAnswerLimit         : 0
>   dwRecursionRetry            : 3
>   dwRecursionTimeout          : 8
>   dwMaxCacheTtl               : 86400
>   dwDsPollingInterval         : 180
>   dwScavengingInterval        : 0
>   dwDefaultRefreshInterval    : 168
>   dwDefaultNoRefreshInterval  : 168
>   fAutoReverseZones           : FALSE
>   fAutoCacheUpdate            : FALSE
>   fRecurseAfterForwarding     : FALSE
>   fForwardDelegations         : TRUE
>   fNoRecursion                : FALSE
>   fSecureResponses            : FALSE
>   fRoundRobin                 : TRUE
>   fLocalNetPriority           : FALSE
>   fBindSecondaries            : FALSE
>   fWriteAuthorityNs           : FALSE
>   fStrictFileParsing          : FALSE
>   fLooseWildcarding           : FALSE
>   fDefaultAgingState          : FALSE
>   dwRpcStructureVersion       : 0x2
>   aipLogFilter                : []
>   pwszLogFilePath             : None
>   pszDomainName               : novanetwork.loc
>   pszForestName               : novanetwork.loc
>   pszDomainDirectoryPartition : DC=DomainDnsZones,DC=novanetwork,DC=loc
>   pszForestDirectoryPartition : DC=ForestDnsZones,DC=novanetwork,DC=loc
>   dwLocalNetPriorityNetMask   : 0xff
>   dwLastScavengeTime          : 0
>   dwEventLogLevel             : 4
>   dwLogFileMaxSize            : 0
>   dwDsForestVersion           : 4
>   dwDsDomainVersion           : 4
>   dwDsDsaVersion              : 4
>   fReadOnlyDC                 : FALSE
>
>     samba-tool dns zonelist <server> -U administrator%<password>
>
>   /usr/local/samba/bin/samba-tool dns zonelist novadc01 -U administrator
> Password for [NOVA\administrator]:
>   3 zone(s) found
>
>   pszZoneName                 : 1.2.10.in-addr.arpa
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
>   pszDpFqdn                   : DomainDnsZones.novanetwork.loc
>
>   pszZoneName                 : novanetwork.loc
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT
> DNS_DP_ENLISTED
>   pszDpFqdn                   : DomainDnsZones.novanetwork.loc
>
>   pszZoneName                 : _msdcs.novanetwork.loc
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED
> DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT
> DNS_DP_ENLISTED
>   pszDpFqdn                   : ForestDnsZones.novanetwork.loc
>
>
>
>  If the above commands fail, you might be running older version of samba
> without RPC dnsserver support.
>
> Amitay
>
>
> best regards
>
> Andreas
>
>
I think the problem is the @ record. The DNS management tool is not working
because it cannot find @ record. This is an issue with import. In the zone
file, there is only single @ record, but two zones (novanetwork.loc and
msdcs.novanetwork.loc). The @ record has been imported for zone
_msdcs.novanetwork.loc and you can see it through network management
tool.

I will update the DNS import, to copy @ record for both the zones.

You can confirm this by

    samba-tool dns query <server> novanetwork.loc @ ALL

This will not have @ record, but

    samba-tool dns query <server> _msdcs.novanetwork.loc @ ALL

should have @ record.

For now, you can use --migrate=no option to auto-create the entries for
AD operation and add any other entries with samba-tool dns add command.

Amitay.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: FLZ.png
Type: image/png
Size: 10166 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120209/38bdddbd/attachment.png>