[Samba] Phantom DNS records visible with dig, but not samba-tool dns
ash-samba at comtek.co.uk
Fri Sep 9 14:59:34 UTC 2016
We appear to have some phantom DNS records on both our domain controllers.
We can see the records using "dig", but not with samba-tool. We can't remove the records either.
(v-ward and v-fief are the DCs; Hawaii and Alaska are old DCs which were demoted without errors. I'm trying to clean up some DNS records which don't seem to have been cleaned.)
All machines are 4.2.10-Debian.
Can anybody advise how I can fix this? Ideally in this case there would only be two records.
Console output follows
Thanks,
root@v-ward# samba-tool dns query v-ward _msdcs.chester-dc.example.com _ldap._tcp.dc srv
Password for [ash@CHESTER-DC.EXAMPLE.COM]:
Name=, Records=3, Children=0
SRV: HAWAII.chester-dc.example.com. (389, 0, 100) (flags=f0, serial=110, ttl=900)
SRV: ALASKA.chester-dc.example.com. (389, 0, 100) (flags=f0, serial=110, ttl=900)
SRV: v-fief.chester-dc.example.com. (389, 0, 100) (flags=f0, serial=110, ttl=0)
root@v-ward# samba-tool dns delete v-ward _msdcs.chester-dc.example.com _ldap._tcp.dc srv "v-ward.chester-dc. 389 0 100"
Password for [ash@CHESTER-DC.EXAMPLE.COM]:
ERROR: Record does not exist
#(10.4.4.155 is samba on v-ward)
# dig _ldap._tcp.dc._msdcs.chester-dc.example.com srv @10.4.4.155
; <<>> DiG 9.9.5-9+deb8u4-Debian <<>> _ldap._tcp.dc._msdcs.chester-dc.example.com srv @10.4.4.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14081
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;_ldap._tcp.dc._msdcs.chester-dc.example.com. IN SRV
;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.chester-dc.example.com. 900 IN SRV 0 100 389 HAWAII.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 900 IN SRV 0 100 389 ALASKA.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 v-fief.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 v-ward.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 v-ward.chester-dc.co.uk.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 v-ward.chester-dc.
;; Query time: 0 msec
;; SERVER: 10.4.4.155#53(10.4.4.155)
;; WHEN: Fri Sep 09 15:38:48 BST 2016
;; MSG SIZE rcvd: 245
# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[netlogon]"
Processing section "[sysvol]"
Loaded services file OK.
Server role: ROLE_ACTIVE_DIRECTORY_DC
Press enter to see a dump of your service definitions
# Global parameters
[global]
workgroup = CHESTER-DC
realm = CHESTER-DC.EXAMPLE.COM
server role = active directory domain controller
passdb backend = samba_dsdb
log file = /var/log/samba/log.%m
max log size = 1000
client ldap sasl wrapping = plain
ldap server require strong auth = No
load printers = No
cups server = printers.example.com
panic action = /usr/share/samba/panic-action %d
dns forwarder = 10.4.4.10
rpc_server:tcpip = no
rpc_server:winreg = embedded
rpc_server:ntsvcs = embedded
rpc_server:eventlog = embedded
rpc_server:srvsvc = embedded
rpc_server:svcctl = embedded
rpc_server:default = external
winbindd:use external pipes = true
acl:read = false
rpc_daemon:spoolssd = embedded
rpc_server:spoolss = embedded
idmap config chester-dc : range = 1000-999999
idmap config chester-dc : backend = ad
idmap config * : range = 1000000-1999999
idmap_ldb:use rfc2307 = yes
idmap config * : backend = tdb
map archive = No
map readonly = no
store dos attributes = Yes
include = /etc/samba/smb.common
vfs objects = dfs_samba4 acl_xattr