[Samba] Questions About Bind_DLZ

David Minard david at scem.uws.edu.au
Tue Sep 29 04:34:58 UTC 2015 

G'day All,

     I've set up a new samba (4.2.3) DC using the bind-dlz DNS (bind 
9.9).  All went well, and the DC seemed to function well.  Machines 
joined, group policies etc seemed to work well.

     All samba configs are as they were created by the initial 
provision/domain join.

     The bind entries are as shown in the samba wiki - mostly.  I've put 
restrictions on what subnets can access it.

     However, looking at the logs for bind, I see the following every 
time bind gets reloaded:

28-Sep-2015 10:18:01.952 database: warning: samba_dlz: Ignoring 
duplicate zone 'samba4.scem.westernsydney.edu.au' from 
'DC=@,DC=samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au'
28-Sep-2015 10:18:01.953 database: warning: samba_dlz: Ignoring 
duplicate zone '_msdcs.samba4.scem.westernsydney.edu.au' from 
'DC=@,DC=_msdcs.samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au'
28-Sep-2015 17:20:19.626 database: warning: samba_dlz: Ignoring 
duplicate zone 'samba4.scem.westernsydney.edu.au' from 
'DC=@,DC=samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au'
28-Sep-2015 17:20:19.657 database: warning: samba_dlz: Ignoring 
duplicate zone '_msdcs.samba4.scem.westernsydney.edu.au' from 
'DC=@,DC=_msdcs.samba4.scem.westernsydney.edu.au,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samba4,DC=scem,DC=westernsydney,DC=edu,DC=au'

     Is there any reason I'm getting these duplicate zone messages?


     I have now also set up a second and third DC (and need two more 
later), as we run over 5 different sites.  These also work well, apart 
from initially having trouble with after join replication. "samba-tool 
drl showrepl" showed up errors, but I think that was file permissions on 
the DNS stuff, and after going through the samba wiki again, these 
problems went away. and the DCs all seem to do what they are designed to 
do.  All good.

     However, on DC2 (samba4-10) I see the following in the DNS logs:

29-Sep-2015 10:57:43.108 database: error: samba_dlz b9_format: unhandled 
record type 0
29-Sep-2015 10:57:43.109 database: error: samba_dlz b9_format: unhandled 
record type 0

     Only once mind you.  Should I be concerned?  The other DCs didn't 
get this error.


     Lastly, as we are a multi site set up, we currently run bind using 
"Views".  I tried to incorporate the bind_DLZ stuff into a duplicate of 
our current bind set up, so that when samba_bind couldn't resolve an 
address, the rest of bind could, and respond with the correct "view" of 
the request.  It seemed to work, except that bind from time to time 
crashed.  I did post about this a while ago, but no response.

     However, my question is this:  Has anyone else done this?  If so, 
how?  It would be great if I can get this to go and respect the views 
for non samba.domain DNS queries.  For example. "nslookup 
print.scem.uws.edu.au" should always respond with the printer's IP at 
the campus that the request was made, rather than with the IP of the 
printer of the campus where the DNS server is which was queried.

     Any advice on any of this would be much appreciated.

-- 

Cheers,
David Minard.
Ph:    0247 360 155
Fax:    0247 360 770

School of Computing, Engineering, and Mathematics
Building Y - Penrith Campus (Kingswood)
Locked bag 1797
Penrith South DC
NSW 1797

[Sometimes waking up just isn't worth the insult of the day to come.]


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list