[Samba] samba4.1 RODC with BIND as DNS backend

Michael Brown michael at netdirect.ca
Tue Nov 19 09:36:23 MST 2013 

On 13-11-19 01:02 AM, Andrew Bartlett wrote:
> I like it very much. I assume you tested it and it fixes the issue?
Near as I can tell. It does what I intended it to do, but I have no 
assurance that I was correct in doing so. But this kind of thing is what 
I'm spending ALL my time on for the next two weeks.
> If so, can you post it as a 'git format-patch -1' formatted patch so I 
> can review it and get it into master?
Certainly.

I just joined a Windows RODC to the same site in my lab to compare 
behaviour. It used the other (samba4) DNS server to create records. I 
got a few messages in the named log that concern me:

http://paste.ubuntu.com/6443473/

Nov 19 10:41:34 sles-shire named[6112]: samba_dlz: failed to modify DC=@,DC=main.adlab.netdirect.ca,CN=MicrosoftDNS,DC=DomainDnsZones,DC=main,DC=adlab,DC=netdirect,DC=ca - Invalid LDB reply type 1
... (no idea what to do)
Nov 19 10:42:21 sles-shire named[6112]: the working directory is not writable
... (d'oh, I can fix this one)
Nov 19 10:42:21 sles-shire named[6112]: zone main.adlab.netdirect.ca/NONE: (other) removed
Nov 19 10:42:21 sles-shire named[6112]: zone _msdcs.main.adlab.netdirect.ca/NONE: (other) removed
... (they're not actually removed - they show up in the output of 'rndc dumpdb -zones')

sles-shire:~ # ls -al /var/lib/samba/private/sam.ldb.d/

total 33244
drwxr-x--- 2 root named     4096 Nov 18 16:09 .
drwxr-xr-x 7 root root      4096 Nov 19 11:07 ..
-rw------- 1 root root  10391552 Nov 19 11:06 
CN=CONFIGURATION,DC=MAIN,DC=ADLAB,DC=NETDIRECT,DC=CA.ldb
-rw------- 1 root root  10391552 Nov 19 11:06 
CN=SCHEMA,CN=CONFIGURATION,DC=MAIN,DC=ADLAB,DC=NETDIRECT,DC=CA.ldb
-rw-rw---- 2 root named  4251648 Nov 19 11:06 
DC=DOMAINDNSZONES,DC=MAIN,DC=ADLAB,DC=NETDIRECT,DC=CA.ldb
-rw-rw---- 2 root named  4251648 Nov 19 11:06 
DC=FORESTDNSZONES,DC=MAIN,DC=ADLAB,DC=NETDIRECT,DC=CA.ldb
-rw------- 1 root root   4251648 Nov 19 11:06 
DC=MAIN,DC=ADLAB,DC=NETDIRECT,DC=CA.ldb
-rw-rw---- 2 root named   421888 Nov 19 11:06 metadata.tdb

Are those messages worrisome?

M.

-- 
Michael Brown               | `One of the main causes of the fall of
Systems Consultant          | the Roman Empire was that, lacking zero,
Net Direct Inc.             | they had no way to indicate successful
☎: +1 519 883 1172 x5106    | termination of their C programs.' - Firth

More information about the samba mailing list