[Samba] internal dns server deletes and re-creates entries, leaving deleted objects

Andrew Bartlett abartlet at samba.org
Mon Oct 21 17:22:08 MDT 2013 

On Mon, 2013-10-21 at 23:19 +0000, dahopkins at comcast.net wrote:
> Andrew,
> 
> Here is the last part of the output from the ldbsearch command.  It appears that DNS is still growing rapidly and is being replicated across the servers.
> 
> ---------------------------------------------------------------------------------------------------------------------
> 
> # record 117569
> dn: DC=NCS-FINANCE\0ADEL:17f969f3-ef19-4c8a-9d27-fa802257678b,CN=Deleted Objects,DC=DomainDnsZones,DC=ncs,DC=k12,DC=de,DC=us
> objectClass: top
> objectClass: dnsNode
> instanceType: 4
> whenCreated: 20130831222333.0Z
> uSNCreated: 25571
> objectGUID: 17f969f3-ef19-4c8a-9d27-fa802257678b
> isDeleted: TRUE
> lastKnownParent: DC=ncs.k12.de.us,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ncs,DC=
>  k12,DC=de,DC=us
> isRecycled: TRUE
> dc:: TkNTLUZJTkFOQ0UKREVMOjE3Zjk2OWYzLWVmMTktNGM4YS05ZDI3LWZhODAyMjU3Njc4Yg==
> name:: TkNTLUZJTkFOQ0UKREVMOjE3Zjk2OWYzLWVmMTktNGM4YS05ZDI3LWZhODAyMjU3Njc4Yg=
>  =
> whenChanged: 20130831232332.0Z
> uSNChanged: 25584
> distinguishedName: DC=NCS-FINANCE\0ADEL:17f969f3-ef19-4c8a-9d27-fa802257678b,C
>  N=Deleted Objects,DC=DomainDnsZones,DC=ncs,DC=k12,DC=de,DC=us
> 
> # returned 117569 records
> # 117569 entries
> # 0 referrals
> 
> So .. is there a way to clean up the DNS issues without wiping the servers? I did not get exactly the same results on both samba4 AD DC's. One server reported 117569 records, the other 117562. Could be a timing issue given how quickly the database is growing?
> 
> We didn't even build our samba4 domain until approximately Aug 24/2013 so definitely after the commit date.
> 
> Sincerely,
> Dave Hopkins
> 

In the short term, can you try and use DLZ_BIND9 until we can sort this
out in the internal server?  Then we can look at trying to expire these
tombstones. 

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list