[Samba] vestigial DNS entries

Lee Allen lee at leecallen.com
Tue Nov 26 18:48:07 MST 2013

David's solution worked - I was able to remove that entry from the internal
DNS directory.  Since then I have hunted down and purged several others.  I
am pretty sure my internal DNS is now clear of references to
and/or 'samba-ad.allenlan.net' -- both of these were lingering references
from the old configuration.

But something is still ... somewhere.  Each time I start samba I get this
in my log.samba file:

/usr/local/samba/sbin/samba_dnsupdate: couldn't get address for 'samba-ad.allenlan.net': not found

The only reference I can find anywhere on my system is here:
/usr/local/samba/private/named.conf.update :

/* this file is auto-generated - do not edit */
update-policy {
        grant ALLENLAN.NET ms-self * A AAAA;
        grant Administrator@ALLENLAN.NET wildcard * A AAAA SRV CNAME;
        grant SAMBA-AD$@allenlan.net wildcard * A
        grant AD$@allenlan.net wildcard * A AAAA SRV CNAME;

But, as the comments indicate, this file is generated.  I can delete the
samba-ad line but it bounces right back after a restart.

Any ideas?

On Tue, Nov 26, 2013 at 6:19 PM, David Keegel <djk-samba at cyber.com.au> wrote:

> On Tue, Nov 26, 2013 at 03:34:22PM -0500, Lee Allen wrote:
> > I am running samba 4.2.0 as an AD with internal DNS.
> > Today I tried to play around with SWAT and I see my samba log is full of
> > failed attempts to connect to -- that was my old Samba4 AD,
> > now destroyed.  The only place I can find any reference to that IP address
> > is when I do "samba-tool dns query ... @", it shows:
> >
> >   Name=, Records=2, Children=0
> >     A: (flags=600000f0, serial=1, ttl=900)
> >     A: (flags=600000f0, serial=110, ttl=900)
> >
> > That is, a null name, and the IP addresses of my old/defunct AD (.13) and
> > my current/operational AD (.5).
> >
> > How can I get rid of the 0.13 record?
> This should do it:
>     samba-tool dns delete $zone @ A
> (where $zone stands for whatever zone name you are using in your query).
> (I did a quick test that samba-tool won't delete the other A record for
> Name= and won't delete other A records with the same IP address but
> other names under that zone, and samba-tool did what I meant.)
> Or you could use something like Microsoft Management Console to manage
> Samba DNS if you are more comfortable with MMC.
> > Are both of these records incorrect?
> I don't think they are necessary, unless someone or something uses
> that zone name as if it was a host name (for example http://$zone
> or ping $zone or \\$zone\$share or password server=$zone).  But the
> fact that your samba logs have lots of failed attempts to connect
> to suggests that perhaps something in your samba *is*
> referring to $zone (or directly) like a host name.
> --
> ___________________________________________________________________________
>   David Keegel <djk-samba at cyber.com.au>      Cyber IT Solutions Pty. Ltd.
>    http://www.cyber.com.au/~djk/     Linux & Unix Systems Administration

*Lee Allen*
email: lee at leecallen.com
bus: (404) 698-1801
home: (716) 773-2326
cell: (716) 880-0854
fax: (716) 408-8844
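
An added example, not part of the original message and not Samba code: a small Python check that parses update-policy grant lines in the format quoted above and lists machine-account principals (names ending in `$`) that still hold dynamic-update rights but are not in an expected set. The sample text is constructed from the lines in the message; `EXPECTED` and the function names are hypothetical.

```python
import re

# Constructed sample: the update-policy lines quoted in the message, with
# mail-archive artifacts removed; the SAMBA-AD$ line is truncated as posted.
SAMPLE = """\
/* this file is auto-generated - do not edit */
update-policy {
        grant ALLENLAN.NET ms-self * A AAAA;
        grant Administrator@ALLENLAN.NET wildcard * A AAAA SRV CNAME;
        grant SAMBA-AD$@allenlan.net wildcard * A
        grant AD$@allenlan.net wildcard * A AAAA SRV CNAME;
"""

# Assumption: the machine accounts that should still hold update rights.
EXPECTED = {"AD$"}

# grant <principal> <match type> <name> <record types...>[;]
GRANT_RE = re.compile(r"^\s*grant\s+(\S+)\s+(\S+)\s+(\S+)\s*([^;]*);?\s*$")


def parse_grants(text):
    """Return one dict per grant line: principal, match type, name, types."""
    grants = []
    for line in text.splitlines():
        m = GRANT_RE.match(line)
        if not m:
            continue  # comment, block opener, or blank line
        principal, match_type, name, types = m.groups()
        grants.append({
            "principal": principal,
            "match_type": match_type,
            "name": name,
            "types": types.split(),
        })
    return grants


def stale_machine_grants(text, expected=EXPECTED):
    """List machine principals (account ends in '$') not in the expected set."""
    stale = []
    for g in parse_grants(text):
        account = g["principal"].split("@", 1)[0].upper()
        if account.endswith("$") and account not in expected:
            stale.append(g["principal"])
    return stale


if __name__ == "__main__":
    for principal in stale_machine_grants(SAMPLE):
        print("stale update-policy grant:", principal)
```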
