[Samba] DNS "internal db error", samba 4.1.9

Mike Lykov combr at samges.ru
Tue Nov 8 07:20:07 UTC 2016


Hi all!

I operate an AD domain on samba4, provisioned some years ago. At 
provision some dns zones created, linked to my domain.

I name domain as subdomain of my internet domain:
AD dc.samges.ru, internet zone samges.ru

Forward zones:
dc.samges.ru	
_msdcs.dc.samges.ru

All worked normal, but then my coworker create forward zone
samges.ru (using windows RSAT tools)

It serves some names, I can add names to it but not delete records from 
it. When I try, I got this error:

root at ad51:~# samba-tool dns delete ad51.samges.ru samges.ru vjud A 
213.156.210.216 -U lmy
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:ad51.samges.ru[,sign]
Password for [SAMGES\lmy]:
... (-d 10 debug level follows)
GSSAPI Connection will be cryptographically signed
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 0
rpc request data:
[0000] 00 00 07 00 00 00 00 00   00 00 02 00 0F 00 00 00   ........ ........
[0010] 00 00 00 00 0F 00 00 00   61 00 64 00 35 00 31 00   ........ a.d.5.1.
[0020] 2E 00 73 00 61 00 6D 00   67 00 65 00 73 00 2E 00   ..s.a.m. g.e.s...
[0030] 72 00 75 00 00 00 00 00   04 00 02 00 0A 00 00 00   r.u..... ........
[0040] 00 00 00 00 0A 00 00 00   73 61 6D 67 65 73 2E 72   ........ samges.r
[0050] 75 00 00 00 08 00 02 00   0A 00 00 00 00 00 00 00   u....... ........
[0060] 0A 00 00 00 74 68 65 73   69 73 2D 63 74 00 00 00   ....thes is-ct...
[0070] 00 00 00 00 01 00 00 00   01 00 00 00 00 00 00 00   ........ ........
[0080] 00 00 00 00                                       ....
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 4
rpc reply data:
[0000] 2C 00 00 00 0C 00 02 00   2C 00 00 00 10 00 01 00   ,....... ,.......
[0010] 00 00 00 00 00 00 00 00   00 00 00 00 04 00 01 00   ........ ........
[0020] F0 00 00 00 05 00 00 00   10 0E 00 00 5C 9A 37 00   ........ ....\.7.
[0030] 00 00 00 00 AC 10 D6 9F   00 00 00 00              ........ ....
rpc request data:
[0000] 00 00 07 00 00 00 00 00   00 00 02 00 0F 00 00 00   ........ ........
[0010] 00 00 00 00 0F 00 00 00   61 00 64 00 35 00 31 00   ........ a.d.5.1.
[0020] 2E 00 73 00 61 00 6D 00   67 00 65 00 73 00 2E 00   ..s.a.m. g.e.s...
[0030] 72 00 75 00 00 00 00 00   04 00 02 00 0A 00 00 00   r.u..... ........
[0040] 00 00 00 00 0A 00 00 00   73 61 6D 67 65 73 2E 72   ........ samges.r
[0050] 75 00 00 00 0A 00 00 00   00 00 00 00 0A 00 00 00   u....... ........
[0060] 74 68 65 73 69 73 2D 63   74 00 00 00 00 00 00 00   thesis-c t.......
[0070] 08 00 02 00 04 00 00 00   04 00 01 00 F0 00 00 00   ........ ........
[0080] 05 00 00 00 10 0E 00 00   5C 9A 37 00 00 00 00 00   ........ \.7.....
[0090] AC 10 D6 9F                                       ....
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 12
rpc reply data:
[0000] 67 05 00 00                                       g...
ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR')
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", 
line 175, in _run
     return self.run(*args, **kwargs)
   File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 
1184, in run
     del_rec_buf)


Windows RSAT tool also show this error. How to I can check internal DNS 
DB and fix it? samba-tool dbcheck work only with LDAP catalog? It show 
no errors on that DC (one of two).

I want completely delete zone samges.ru from DCs, forwarding to other 
nameserver is configured and working.
But while this zone exist on DC it serves first, but not forwarded.

-- 
Mike Lykov, system administrator



More information about the samba mailing list