[Samba] Clients no longer updating DNS & unable to delete MX records
Thomas Simmons
twsnnva at gmail.com
Wed Mar 20 13:29:00 MDT 2013
On Wed, Mar 20, 2013 at 9:05 AM, Thomas Simmons <twsnnva at gmail.com> wrote:
> Hello,
>
> After noticing some odd behavior on my domain, I realized that many of my
> DNS records are incorrect and that clients are no longer properly updating
> DNS. While looking into this, I also discovered that I am unable to delete
> MX records via AD DNS Manager or samba-tool. Both tools "see" the record
> but report it does not exist when I attempt to delete it. I can create new
> MX records, but cannot delete them. I can create and delete both A and
> CNAME records. The same behavior occurs under all zones. I can create and
> delete new forward lookup zones.
>
> [root at ADC1 log]# samba-tool dns query adc1 internal.testdom.com mailsrv MX
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'sasl-DIGEST-MD5' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Using binding ncacn_ip_tcp:adc1[,sign]
> Name=, Records=3, Children=0
> MX: mailsrv.internal.testdom.com. (10) (flags=f0, serial=4, ttl=900)
>
> [root at ADC1 log]# samba-tool dns delete adc1 internal.testdom.com mailsrv
> MX 'mailsrv.internal.testdom.com 10'
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'sasl-DIGEST-MD5' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Using binding ncacn_ip_tcp:adc1[,sign]
> ERROR(runtime): uncaught exception - (9701,
> 'WERR_DNS_ERROR_RECORD_DOES_NOT_EXIST')
> File
> "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
> line 175, in _run
> return self.run(*args, **kwargs)
> File "/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/dns.py",
> line 1169, in run
> del_rec_buf)
>
>
With log level = 10, when attempting to deleting the record, it appears to
find it, but reports it doesn't exist anyway. Has anyone seen this behavior
before? The last DNS update was nearly 2 weeks ago and I am not aware of
anything that happened around that time that would have triggered this. I
don't know it this MX problem and the clients being unable to update DNS
are related.
[2013/03/20 13:52:20, 5, pid=2064, effective(0, 0), real(0, 0)]
../lib/ldb-samba/ldb_wrap.c:69(ldb_wrap_debug)
ldb: ldb_trace_request: SEARCH
dn: DC=internal.testdom.com
,CN=MicrosoftDNS,DC=DomainDnsZones,DC=internal,DC=testdom,DC=com
scope: one
expr: (&(objectClass=dnsNode)(name=mailsrv))
attr: dnsRecord
control: <NONE>
[2013/03/20 13:52:20, 5, pid=2064, effective(0, 0), real(0, 0)]
../lib/ldb-samba/ldb_wrap.c:69(ldb_wrap_debug)
ldb: ldb_trace_request: (resolve_oids)->search
...
...
...
[2013/03/20 13:52:20, 5, pid=2064, effective(0, 0), real(0, 0)]
../lib/ldb-samba/ldb_wrap.c:69(ldb_wrap_debug)
ldb: ldb_trace_response: ENTRY
dn: DC=mailsrv,DC=internal.testdom.com
,CN=MicrosoftDNS,DC=DomainDnsZones,DC=internal,DC=testdom,DC=com
dnsRecord::
IgAPAAXwAAAEAAAAAAADhAAAAAALIDcAAAoeBAdtYWlsc3J2CGludGVybmFsB7G4YX
lzZXMDY29tAA==
dnsRecord:: EAAPAAXwAAA+AAAAAAAAAAAAAADcIjcAAAoMAgZnb29nbGUDY29tAA==
dnsRecord::
IgAPAAXwAAAEAAAAAAADhAAAAAALIDcAAAoeBAdtYWlsc3J2CGludGVybmFsB7G4YX
lzZXMDY29tAA==
[2013/03/20 13:52:20, 5, pid=2064, effective(0, 0), real(0, 0)]
../lib/ldb-samba/ldb_wrap.c:69(ldb_wrap_debug)
ldb: ldb_trace_response: DONE
error: 0
[2013/03/20 13:52:20, 1, pid=2064, effective(0, 0), real(0, 0)]
../librpc/ndr/ndr.c:282(ndr_print_function_debug)
DnssrvUpdateRecord2: struct DnssrvUpdateRecord2
out: struct DnssrvUpdateRecord2
result :
WERR_DNS_ERROR_RECORD_DOES_NOT_EXIST
More information about the samba
mailing list