[Samba] Samba4: internal DNS orphaned dnsNode objects with no dnsRecord

[Dominic Evans]

I was having some problems with certain entries in my internal DNS
server refusing to be updated via nsupdate. The updates would always
be rejected. After investigating further I noticed that this seemed to
correspond with dnsNode entries in the sam.ldb that didn't actually
contain a dnsRecord attribute.

i.e., the records found by this search:

$ sudo ldbsearch -H /var/lib/samba/private/sam.ldb
'(&(objectClass=dnsNode)(!(dnsRecord=*)))'

Are there any risks associated with doing an ldbmodify to delete all
of these entries? How might they have come about?