[Samba] internal dns server deletes and re-creates entries, leaving deleted objects

dahopkins at comcast.net dahopkins at comcast.net
Mon Oct 21 17:38:11 MDT 2013 


----- Original Message -----
On Mon, 2013-10-21 at 23:19 +0000, dahopkins at comcast.net wrote:
> Andrew,
> 
> Here is the last part of the output from the ldbsearch command.  It appears that DNS is still growing rapidly and is being replicated across the servers.
> 
> ---------------------------------------------------------------------------------------------------------------------
> 
> # record 117569
> dn: DC=NCS-FINANCE\0ADEL:17f969f3-ef19-4c8a-9d27-fa802257678b,CN=Deleted Objects,DC=DomainDnsZones,DC=ncs,DC=k12,DC=de,DC=us
> objectClass: top
> objectClass: dnsNode
> instanceType: 4
> whenCreated: 20130831222333.0Z
> uSNCreated: 25571
> objectGUID: 17f969f3-ef19-4c8a-9d27-fa802257678b
> isDeleted: TRUE
> lastKnownParent: DC=ncs.k12.de.us,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ncs,DC=
>  k12,DC=de,DC=us
> isRecycled: TRUE
> dc:: TkNTLUZJTkFOQ0UKREVMOjE3Zjk2OWYzLWVmMTktNGM4YS05ZDI3LWZhODAyMjU3Njc4Yg==
> name:: TkNTLUZJTkFOQ0UKREVMOjE3Zjk2OWYzLWVmMTktNGM4YS05ZDI3LWZhODAyMjU3Njc4Yg=
>  =
> whenChanged: 20130831232332.0Z
> uSNChanged: 25584
> distinguishedName: DC=NCS-FINANCE\0ADEL:17f969f3-ef19-4c8a-9d27-fa802257678b,C
>  N=Deleted Objects,DC=DomainDnsZones,DC=ncs,DC=k12,DC=de,DC=us
> 
> # returned 117569 records
> # 117569 entries
> # 0 referrals
> 
> So .. is there a way to clean up the DNS issues without wiping the servers? I did not get exactly the same results on both samba4 AD DC's. One server reported 117569 records, the other 117562. Could be a timing issue given how quickly the database is growing?
> 
> We didn't even build our samba4 domain until approximately Aug 24/2013 so definitely after the commit date.
> 
> Sincerely,
> Dave Hopkins
> 

>In the short term, can you try and use DLZ_BIND9 until we can sort this
>out in the internal server?  Then we can look at trying to expire these
>tombstones. 

We can try. Are we sure that the conversion from internal to external DNS will be ok?  Given the other issues we are facing, I'm extremely leery of completely losing everything. We'll backup the samba/private directories, and other key config files before the attempt. I'm assuming that if it goes badly, I could then just restore those directories and config files and restart samba.

We could also (time consuming but do-able) assign static IP addresses though not sure this would resolve anything.

Sincerely,
Dave Hopkins

More information about the samba mailing list