[Samba] Fwd: dnsdomainzone replication failure

Achim Gottinger achim at ag-web.biz
Fri Jul 25 12:51:24 MDT 2014


On 25.07.2014 20:37, kindc1 at gmail.com wrote:
> On 25.07.2014 12:22, Achim Gottinger wrote:
>> On 25.07.2014 08:56, C.Kindler wrote:
>>> finally could delete this strange entry with:
>>>
>>> ldbsearch -H /var/lib/samba/private/dns/sam.ldb -b "CN=Deleted
>>> Objects,DC=DomainDnsZones,DC=...." --show-deleted --show-binary
>>> --extended-dn
>>> ldbdel -H /var/lib/samba/private/dns/sam.ldb "<GUID=51220e6c...>"
>>>
>>> The "--extended-dn" was the clue!
>>>
>>> Thanks again for your help!
>>> Best regards
>>>
>> That was an interesting task. Does the replication work without errors
>> and does dbcheck --cross-ncs pass?
> Luckily double yes :-)
Sounds good. Meanwhile I could use this syntax here too. After lowering 
tombstone lifetime at my setup running

samba-tool dbcheck --cross-ncs

resulted in

Checking 20970 objects
ERROR: wrong
dn[DC=client\0ACNF:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted 
Objects,DC=DomainDnsZones,DC=...]
dc='client\nCNF:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9'
name='client\nDEL:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9'
new_dn[DC=client\0ADEL:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted 
Objects,DC=DomainDnsZones,DC=...]
Not renaming
DC=client\0ACNF:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted 
Objects,DC=DomainDnsZones,DC=... to
DC=client\0ADEL:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted 
Objects,DC=DomainDnsZones,DC=...
Please use --fix to fix these errors
Checked 20970 objects (1 errors)

Reran with --fix but it did not help. So I took a snapshot of all addc 
VMs and deleted the entry using your syntax

ldbdel -H /var/lib/samba/private/sam.ldb "<GUID=ce76b285-0ade-444b-b08c-e8b2f7c9fcf9>"

on all addc's.

Afterwards dbcheck passed and till now I have not seen replication errors.

Had tried to delete "Deleted Objects" before using -H 
/var/lib/samba/private/sam.ldb.d/DC=\DOMAINDNSZONES,DC=...ldb which was 
a bad idea, afterwards I could no longer add/delete or modify dns 
records. This does still work now and I wonder if this syntax can be 
used to remove these hundreds of deleted DNS records for clients with 
dynamic IPs.

Anyway thanks for figuring this out.

achim~
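
Added example (not part of the original message and not Samba project code): a dry-run helper that reads `samba-tool dbcheck --cross-ncs` output, picks out the conflict GUIDs of objects under CN=Deleted Objects, and prints the matching `ldbdel` commands for review instead of running them. The function names and the second sample record are constructed; it assumes, as in the message above, that the GUID after `CNF:` identifies the object, and it refuses a partition file under sam.ldb.d because of the breakage described there.

```shell
# Database path as used in the message above.
SAM_LDB="/var/lib/samba/private/sam.ldb"

# Constructed sample: the dbcheck error quoted in the message (wrapped the way
# the mail wrapped it) plus one made-up conflict object that is NOT deleted.
sample_dbcheck_output() {
cat <<'EOF'
Checking 20970 objects
ERROR: wrong
dn[DC=client\0ACNF:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted
Objects,DC=DomainDnsZones,DC=...]
dc='client\nCNF:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9'
name='client\nDEL:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9'
new_dn[DC=client\0ADEL:ce76b285-0ade-444b-b08c-e8b2f7c9fcf9,CN=Deleted
Objects,DC=DomainDnsZones,DC=...]
ERROR: wrong dn[CN=live\0ACNF:11111111-2222-3333-4444-555555555555,CN=Users,DC=...]
Please use --fix to fix these errors
EOF
}

# stdin: dbcheck output. stdout: one GUID per line, only for conflict (CNF:)
# objects whose current DN sits directly under CN=Deleted Objects.
conflict_guids() {
    # Join wrapped lines, keep each current "dn[...]" (not "new_dn[...]"),
    # then pull the GUID out of the "\0ACNF:<guid>,CN=Deleted Objects" part.
    tr '\n' ' ' |
    grep -oE '(^|[^_])dn\[[^]]*]' |
    sed -nE 's/.*\\0ACNF:([0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}),CN=Deleted +Objects,.*/\1/p' |
    sort -u
}

# stdin: dbcheck output. stdout: ldbdel commands to review and run by hand
# on each DC after taking a snapshot or backup.
ldbdel_commands() {
    case "$SAM_LDB" in
        */sam.ldb.d/*)
            echo "refusing to target a partition file: $SAM_LDB" >&2
            return 1 ;;
    esac
    conflict_guids | while read -r guid; do
        printf 'ldbdel -H %s "<GUID=%s>"\n' "$SAM_LDB" "$guid"
    done
}

# Demo on the constructed sample; nothing is deleted, commands are only printed.
sample_dbcheck_output | ldbdel_commands
```

On a DC the input would come from `samba-tool dbcheck --cross-ncs 2>&1 | ldbdel_commands`.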




