[Samba] Phantom DNS records visible with dig, but not samba-tool dns
Rowland Penny
rpenny at samba.org
Mon Sep 12 19:47:09 UTC 2016
On Mon, 12 Sep 2016 15:41:24 -0400
lingpanda101--- via samba <samba at lists.samba.org> wrote:
> On 9/12/2016 3:23 PM, ash-samba--- via samba wrote:
> > On 09/09/16 16:35, lingpanda101--- via samba wrote:
> >> On 9/9/2016 10:59 AM, ash-samba--- via samba wrote:
> >>> We appear to have some phantom DNS records on both our domain
> >>> controllers.
> >>> [...]
> >>> # dig _ldap._tcp.dc._msdcs.chester-dc.example.com srv @10.4.4.155
> >>> [...]
> >>>
> >>
> >> For me I had to use ADSI edit to remove the entries.
> >>
> > I've managed to locate the entries using ADSI edit ( for any future
> > archive readers, open ADSI edit, and then connect using
> > "DC=ForestDCZones,dc=chester-dc,dc=example,dc=com" as the naming
> > context, the records are under CN=MicrosoftDNS).
> >
> > The thing is, if I open, say DC=_ldap._tcp.dc and then look at
> > dnsRecord the entries are using some kind of encoding (a series of
> > backslash prefixed 2 digit hex values).
> >
> > I'm unsure which records to delete, and I'm somewhat concerned about
> > experimenting since I can't clearly tell what is going on with the
> > regular tools (AD DNS/samba-tool). A possibly greater problem is
> > that I can't actually search to see which records need modification.
> >
> > Will there be any impact if I just leave the corrupt records in
> > place?
> >
> > Are there any tools to automate fixing things?
> >
> > Thanks,
> >
> >
> >
>
> I see what you mean by the value of DNS. That's normal. It's in
> hexadecimal.
>
Not if you know what tool to use, where to use it and the magic
incantation ;-)
# editing 1 records
# record 1
dn: DC=_ldap._tcp.pdc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20151106115626.0Z
whenChanged: 20151106115626.0Z
uSNCreated: 3683
uSNChanged: 3683
showInAdvancedViewOnly: TRUE
name: _ldap._tcp.pdc
objectGUID: 77be2b80-e5c7-46bb-a410-7d7c5c02efa7
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x0020 (32)
wType : DNS_TYPE_SRV (33)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x00000001 (1)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x00000000 (0)
data : union dnsRecordData(case 33)
srv: struct dnsp_srv
wPriority : 0x0000 (0)
wWeight : 0x0064 (100)
wPort : 0x0185 (389)
nameTarget : dc1.samdom.example.com
objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
dc: _ldap._tcp.pdc
distinguishedName: DC=_ldap._tcp.pdc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com
And to get it editable:
ldbedit -e nano -H /usr/local/samba/private/sam.ldb --cross-ncs --show-binary -b 'DC=_ldap._tcp.pdc,DC=_msdcs.samdom.example.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=samdom,DC=example,DC=com' -s base
All on one line, run on a DC.
Rowland
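For readers who only have the backslash-hex form from ADSI Edit, this added decoder (not part of the thread, not Samba's code) parses a dnsRecord value using the dnsp_DnssrvRpcRecord layout from Samba's dnsp.idl / MS-DNSP (24-byte header, dwTtlSeconds in network byte order, then a DNS_COUNT_NAME for the SRV target). The sample value is constructed here to match the ldbedit output above; the hex-escape format assumed is the one the poster describes.

```python
import struct

# Constants from Samba's dnsp.idl / MS-DNSP used by this decoder.
DNS_TYPE_SRV = 33
DNS_RANK_ZONE = 240
HEADER = "<HHBBHI"   # wDataLength, wType, version, rank, flags, dwSerial
HEADER_LEN = 24      # HEADER (12) + dwTtlSeconds (4) + dwReserved (4) + dwTimeStamp (4)

def adsi_hex_to_bytes(value):
    """ADSI Edit shows dnsRecord as backslash-prefixed hex bytes, e.g. '\\20\\00\\21...'."""
    return bytes(int(h, 16) for h in value.split("\\")[1:])

def counted_name(data, off):
    """Decode a DNS_COUNT_NAME: total length, label count, length-prefixed labels, 0x00."""
    total, nlabels = data[off], data[off + 1]
    pos, labels = off + 2, []
    for _ in range(nlabels):
        ln = data[pos]
        labels.append(data[pos + 1:pos + 1 + ln].decode("ascii"))
        pos += 1 + ln
    if data[pos] != 0 or pos + 1 != off + 2 + total:
        raise ValueError("malformed counted name")
    return ".".join(labels), pos + 1

def parse_dns_record(data):
    """Decode one dnsp_DnssrvRpcRecord. Header fields are little-endian
    except dwTtlSeconds, which is stored in network byte order."""
    length, rtype, version, rank, flags, serial = struct.unpack_from(HEADER, data, 0)
    (ttl,) = struct.unpack_from(">I", data, 12)
    reserved, timestamp = struct.unpack_from("<II", data, 16)
    if HEADER_LEN + length != len(data):
        raise ValueError("wDataLength does not match value size")
    rec = {"wType": rtype, "version": version, "rank": rank, "flags": flags,
           "dwSerial": serial, "dwTtlSeconds": ttl, "dwTimeStamp": timestamp,
           "static": timestamp == 0}   # non-zero dwTimeStamp means a dynamic (aging) record
    if rtype == DNS_TYPE_SRV:
        prio, weight, port = struct.unpack_from("<HHH", data, HEADER_LEN)
        rec["srv"] = {"wPriority": prio, "wWeight": weight, "wPort": port,
                      "nameTarget": counted_name(data, HEADER_LEN + 6)[0]}
    return rec

def srv_record_bytes(target, priority, weight, port, ttl, serial):
    """Encode an SRV dnsRecord; used only to build the constructed sample below."""
    labels = target.split(".")
    name = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    rdata = struct.pack("<HHH", priority, weight, port) + bytes([len(name), len(labels)]) + name
    return (struct.pack(HEADER, len(rdata), DNS_TYPE_SRV, 5, DNS_RANK_ZONE, 0, serial)
            + struct.pack(">I", ttl) + struct.pack("<II", 0, 0) + rdata)

# Constructed sample matching the ldbedit output above, rendered as ADSI Edit shows it.
ADSI_VALUE = "".join(f"\\{b:02X}" for b in
                     srv_record_bytes("dc1.samdom.example.com", 0, 100, 389, 900, 1))

if __name__ == "__main__":
    print(ADSI_VALUE)
    print(parse_dns_record(adsi_hex_to_bytes(ADSI_VALUE)))
```

Paste the hex string from ADSI Edit into adsi_hex_to_bytes to see which nameTarget a given dnsRecord value points at before deciding whether to delete it.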