[Samba] Cannot find invalid DNS entry

Tim Dittler tim.dittler at rosalux.org
Thu Jul 28 13:57:25 UTC 2016 

So no one has an idea what I can try additionally?

Thanks,
Tim


On 27.07.2016 16:54, mathias dufresne wrote:
> What would have better I reckon would have been to explain...
>
> We should not _write_ directly into these files because, as Andrew
> explained months ago, the change would not be replicated if applied
> directly on these files. To have changes replicated the change MUST be
> applied on sam.ldb file which is a wrapper.
>
> Sharing or not sharing, that is the question : )
>
> 2016-07-27 14:51 GMT+02:00 Rowland penny <rpenny at samba.org>:
>
>> On 27/07/16 13:40, mathias dufresne wrote:
>>
>>> Two files are hosting DNS data:
>>> /path/to/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=blabla.ldb and
>>> /path/to/private/sam.ldb.d/DC=FORESTDNSZONES,DC=blabla.ldb
>>>
>>> DNS entries are sometimes (often? always?) base64 encoded. You should be
>>> able to "grep" for string these files with:
>>> ldbsearch --show-binary -H
>>> /path/to/private/sam.ldb.d/DC=FORESTDNSZONES,DC=blabla.ldb | grep "what
>>> you
>>> want"
>>>
>>> 2016-07-27 13:35 GMT+02:00 Tim Dittler <tim.dittler at rosalux.org>:
>>>
>>> Hello,
>>>> when I run
>>>>
>>>> samba_dnsupdate --verbose --all-names -d10
>>>> it gives me the following output:
>>>>
>>>> INFO: Current debug levels:
>>>>>    all: 10
>>>>>    tdb: 10
>>>>>    printdrivers: 10
>>>>>    lanman: 10
>>>>>    smb: 10
>>>>>    rpc_parse: 10
>>>>>    rpc_srv: 10
>>>>>    rpc_cli: 10
>>>>>    passdb: 10
>>>>>    sam: 10
>>>>>    auth: 10
>>>>>    winbind: 10
>>>>>    vfs: 10
>>>>>    idmap: 10
>>>>>    quota: 10
>>>>>    acls: 10
>>>>>    locking: 10
>>>>>    msdfs: 10
>>>>>    dmapi: 10
>>>>>    registry: 10
>>>>>    scavenger: 10
>>>>>    dns: 10
>>>>>    ldb: 10
>>>>> lpcfg_load: refreshing parameters from /etc/samba/smb.conf
>>>>> Processing section [retained]
>>>>> pm_process() returned Yes
>>>>> added interface brem1 ip=10.10.1.10 bcast=10.10.1.127
>>>>>
>>>> netmask=255.255.255.128
>>>>
>>>>> added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
>>>>> IPs: ['10.10.1.10']
>>>>> Security token SIDs (1):
>>>>>    SID[  0]: S-1-5-18
>>>>>   Privileges (0xFFFFFFFFFFFFFFFF):
>>>>>    Privilege[  0]: SeMachineAccountPrivilege
>>>>>    Privilege[  1]: SeTakeOwnershipPrivilege
>>>>>    Privilege[  2]: SeBackupPrivilege
>>>>>    Privilege[  3]: SeRestorePrivilege
>>>>>    Privilege[  4]: SeRemoteShutdownPrivilege
>>>>>    Privilege[  5]: SePrintOperatorPrivilege
>>>>>    Privilege[  6]: SeAddUsersPrivilege
>>>>>    Privilege[  7]: SeDiskOperatorPrivilege
>>>>>    Privilege[  8]: SeSecurityPrivilege
>>>>>    Privilege[  9]: SeSystemtimePrivilege
>>>>>    Privilege[ 10]: SeShutdownPrivilege
>>>>>    Privilege[ 11]: SeDebugPrivilege
>>>>>    Privilege[ 12]: SeSystemEnvironmentPrivilege
>>>>>    Privilege[ 13]: SeSystemProfilePrivilege
>>>>>    Privilege[ 14]: SeProfileSingleProcessPrivilege
>>>>>    Privilege[ 15]: SeIncreaseBasePriorityPrivilege
>>>>>    Privilege[ 16]: SeLoadDriverPrivilege
>>>>>    Privilege[ 17]: SeCreatePagefilePrivilege
>>>>>    Privilege[ 18]: SeIncreaseQuotaPrivilege
>>>>>    Privilege[ 19]: SeChangeNotifyPrivilege
>>>>>    Privilege[ 20]: SeUndockPrivilege
>>>>>    Privilege[ 21]: SeManageVolumePrivilege
>>>>>    Privilege[ 22]: SeImpersonatePrivilege
>>>>>    Privilege[ 23]: SeCreateGlobalPrivilege
>>>>>    Privilege[ 24]: SeEnableDelegationPrivilege
>>>>>   Rights (0x               0):
>>>>> lpcfg_servicenumber: couldn't find ldb
>>>>> schema_fsmo_init: we are master[yes] updates allowed[no]
>>>>> schema_fsmo_init: we are master[yes] updates allowed[no]
>>>>> Traceback (most recent call last):
>>>>>    File "/usr/sbin/samba_dnsupdate", line 540, in <module>
>>>>>      c = parse_dns_line(line, {})
>>>>>    File "/usr/sbin/samba_dnsupdate", line 179, in parse_dns_line
>>>>>      return dnsobj(subline)
>>>>>    File "/usr/sbin/samba_dnsupdate", line 134, in __init__
>>>>>      raise Exception("Invalid DNS entry %r" % string_form)
>>>>> Exception: Invalid DNS entry 'TDB file'
>>>>>
>>>> However, I'm not able to find "TDB file" in any of the files in
>>>> /var/lib/samba/private/sam.ldb.d.
>>>>
>>>> Am I looking in the wrong place? Or how can I delete this DNS entry?
>>>>
>>>> Thank you very much,
>>>> Tim
>>>>
>>>>
>>>>
>>>> --
>>>> To unsubscribe from this list go to the following URL and read the
>>>> instructions:  https://lists.samba.org/mailman/options/samba
>>>>
>>>>
>> I wouldn't suggest doing this, unless things have changed, you shouldn't
>> directly act on the .ldb files stored in sam.ldb.d
>>
>> What you can do is:
>>
>> ldbsearch --show-binary --cross-ncs -H /path/to/sam.ldb | grep 'whatever'
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>

More information about the samba mailing list