[PATCH] samba_dnsupdate: honor 'dns zone scavenging' option, only update if needed (bug 13605)

Björn Baumbach bb at sernet.de
Thu Sep 6 14:33:56 UTC 2018

On 09/05/2018 10:19 PM, Stefan Metzmacher wrote:
>>>  # samba_dnsupdate --option='dns zone scavenging = yes' 2>&1 | uniq
>>> -c
>>>      29 ; TSIG error with server: tsig verify failure
>>>       1 Failed update of 29 entries
>> But why do we get TSIG errors?
> They happen when the nsupdate -g command tries to verify the servers
> signature

Ah, yes - sorry. I thought this is a known issue, because I see this on
all new AD DCs, once, until all records have been created successfully.
But since the scavenging changes the TSIG errors fill the logs.

By default the dns zone scavenging is disabled. Therefore the proposed
patch minimizes the the annoying error messages.

Best regards,

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

More information about the samba-technical mailing list