[Samba] A and/or PTR record deleted after pc wake-up

steve steve at steve-ss.com
Thu Mar 6 03:36:50 MST 2014


On Thu, 2014-03-06 at 10:30 +0100, Peter Serbe wrote:
> Hi Louis, 
> 
> > So it's normal that after a PC woke up my A and PTR records get deleted??
> 
> It doesn't look like the records were deleted...
> The very first lines of your log seem to indicate that the authentication of the
> bind doesn't work. I'd fix this first.
> 
> > Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD
> > Mar  5 15:43:13 rtd-dc1 named[3717]: client 10.249.250.64#49271: update 'INTERNAL.DOMAIN.TLD/IN' denied
> > Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: cancelling transaction on zone INTERNAL.DOMAIN.TLD
> 

Yes, but immediately afterwards it then goes on to authenticate perfectly
well. Working on exactly the same zone it just denied access to:

>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: starting transaction on zone INTERNAL.DOMAIN.TLD
>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: allowing update of signer=admin-pc\$\@INTERNAL.DOMAIN.TLD name=Admin-PC.INTERNAL.DOMAIN.TLD tcpaddr= type=A key=980-ms-7.2-65f74b.f80d0c34-a464-11e3-63b9-d067e50ae371/160/0
>
>==>>  Mar  5 15:43:13 rtd-dc1 named[3717]: client 10.249.250.64#55424: updating zone 'INTERNAL.DOMAIN.TLD/NONE': deleting an RR at Admin-PC.INTERNAL.DOMAIN.TLD A
>
>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: subtracted rdataset Admin-PC.INTERNAL.DOMAIN.TLD 'Admin-PC.INTERNAL.DOMAIN.TLD.#0111200#011IN#011A#01110.249.250.64'
>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: subtracted rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 3 900 600 86400 0'
>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: added rdataset INTERNAL.DOMAIN.TLD 'INTERNAL.DOMAIN.TLD.#0113600#011IN#011SOA#011rtd-dc1.INTERNAL.DOMAIN.TLD. hostmaster.INTERNAL.DOMAIN.TLD. 4 900 600 86400 0'
>Mar  5 15:43:13 rtd-dc1 named[3717]: samba_dlz: committed transaction on zone INTERNAL.DOMAIN.TLD

The machine key has been used to authenticate. named must have had
access to the dns keytab too.

@Louis: are we certain that there is nothing in DNS for Admin-PC? I
mean, according to samba-tool dns or the Windows DNS admin. Maybe if
there is, delete it, unjoin and rejoin?
HTH
Steve
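
The pattern in the quoted log (one update denied, then a signed update that removes the A record and commits with only the SOA re-added) can be picked out of a named log mechanically. The following is an added example, not part of the original message or of Samba; the host, zone and key names in the sample are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample modelled on the named/samba_dlz lines quoted in this thread
# (hypothetical host, zone and key names; "#011" is syslog's escaped tab).
SAMPLE_LOG = r"""
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: starting transaction on zone EXAMPLE.TEST
Mar  5 15:43:13 dc1 named[3717]: client 192.0.2.64#49271: update 'EXAMPLE.TEST/IN' denied
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: cancelling transaction on zone EXAMPLE.TEST
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: starting transaction on zone EXAMPLE.TEST
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: allowing update of signer=host1\$\@EXAMPLE.TEST name=Host1.EXAMPLE.TEST tcpaddr= type=A key=constructed-key/160/0
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: subtracted rdataset Host1.EXAMPLE.TEST 'Host1.EXAMPLE.TEST.#0111200#011IN#011A#011192.0.2.64'
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: subtracted rdataset EXAMPLE.TEST 'EXAMPLE.TEST.#0113600#011IN#011SOA#011dc1.EXAMPLE.TEST. hostmaster.EXAMPLE.TEST. 3 900 600 86400 0'
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: added rdataset EXAMPLE.TEST 'EXAMPLE.TEST.#0113600#011IN#011SOA#011dc1.EXAMPLE.TEST. hostmaster.EXAMPLE.TEST. 4 900 600 86400 0'
Mar  5 15:43:13 dc1 named[3717]: samba_dlz: committed transaction on zone EXAMPLE.TEST
"""

START = re.compile(r"samba_dlz: starting transaction on zone (\S+)")
END = re.compile(r"samba_dlz: (cancelling|committed) transaction on zone")
DENIED = re.compile(r"client (\S+?)#\d+: update '\S+' denied")
SIGNER = re.compile(r"samba_dlz: allowing update of signer=(\S+)")
RDSET = re.compile(r"samba_dlz: (added|subtracted) rdataset (\S+) '(.*)'")

def parse_transactions(text):
    """Group named log lines into samba_dlz transactions (start .. cancel/commit)."""
    txns, cur = [], None
    for line in text.splitlines():
        if m := START.search(line):
            cur = {"zone": m.group(1), "outcome": None, "denied_client": None,
                   "signer": None, "added": set(), "subtracted": set()}
        elif cur is None:
            continue
        elif m := END.search(line):
            cur["outcome"] = m.group(1)
            txns.append(cur)
            cur = None
        elif m := DENIED.search(line):
            cur["denied_client"] = m.group(1)
        elif m := SIGNER.search(line):
            cur["signer"] = m.group(1).replace("\\", "")  # drop the \$ \@ escapes
        elif m := RDSET.search(line):
            parts = m.group(3).split("#011")  # owner, ttl, class, type, rdata
            if len(parts) >= 4:
                cur[m.group(1)].add((m.group(2).lower(), parts[3]))
    return txns

def lost_records(txns):
    """(signer, name, type) removed in a committed update and not re-added in it."""
    return [(t["signer"], name, rrtype) for t in txns if t["outcome"] == "committed"
            for name, rrtype in sorted(t["subtracted"] - t["added"]) if rrtype != "SOA"]
```

`lost_records(parse_transactions(SAMPLE_LOG))` reports the A record for the sample host, because the committed transaction subtracts it and adds back only the SOA with a new serial.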



