[Samba] Phantom DNS records visible with dig, but not samba-tool dns

ash-samba at comtek.co.uk ash-samba at comtek.co.uk
Tue Sep 13 15:45:10 UTC 2016 

> Now you have identified what the records, you should be able to remove
> the required records with samba-tool, for instance, if you wanted to
> remove the record for ' HAWAII', try this:
>
> samba-tool dns delete 127.0.0.1 _msdcs.chester-dc.example.com
> _ldap._tcp.dc SRV  'HAWAII.chester-dc.example.com 389 0 100'
>

Well, thanks. This worked for hawaii and alaska, but the two extra 
invalid v-ward values (v-ward.chester-dc.com, v-ward.chester-dc) can't 
be deleted, and one correct v-ward record 
(v-ward.chester-dc.example.com) simply doesn't display with samba-tool 
dns query. So:

# samba-tool dns delete 127.0.0.1 _msdcs.chester-dc.example.com 
_ldap._tcp.dc srv 'HAWAII.chester-dc.example.com 389 0 100'
Cannot do GSSAPI to an IP address
Password for [ash at CHESTER-DC.EXAMPLE.COM]:
Record deleted successfully
# samba-tool dns delete 127.0.0.1 _msdcs.chester-dc.example.com 
_ldap._tcp.dc srv 'ALASKA.chester-dc.example.com 389 0 100'
Cannot do GSSAPI to an IP address
Password for [ash at CHESTER-DC.EXAMPLE.COM]:
Record deleted successfully
# samba-tool dns delete 127.0.0.1 _msdcs.chester-dc.example.com 
_ldap._tcp.dc srv 'v-ward.chester-dc.com 389 0 100'
Cannot do GSSAPI to an IP address
Password for [ash at CHESTER-DC.EXAMPLE.COM]:
ERROR: Record does not exist
# samba-tool dns delete 127.0.0.1 _msdcs.chester-dc.example.com 
_ldap._tcp.dc srv 'v-ward.chester-dc 389 0 100'
Cannot do GSSAPI to an IP address
Password for [ash at CHESTER-DC.EXAMPLE.COM]:
ERROR: Record does not exist
#samba-tool dns query 127.0.0.1 _msdcs.chester-dc.example.com 
_ldap._tcp.dc srv
Cannot do GSSAPI to an IP address
Password for [ash at CHESTER-DC.EXAMPLE.COM]:
   Name=, Records=1, Children=0
     SRV: v-fief.chester-dc.example.com. (389, 0, 100) (flags=f0, 
serial=110, ttl=0)

#dig _ldap._tcp.dc._msdcs.chester-dc.example.com srv

; <<>> DiG 9.9.5-9+deb8u4-Debian <<>> 
_ldap._tcp.dc._msdcs.chester-dc.example.com srv
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 193
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_ldap._tcp.dc._msdcs.chester-dc.example.com. IN SRV

;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 
v-fief.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 
v-ward.chester-dc.example.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 
v-ward.chester-dc.com.
_ldap._tcp.dc._msdcs.chester-dc.example.com. 0 IN SRV 0 100 389 
v-ward.chester-dc.

;; Query time: 1 msec
;; SERVER: 10.4.4.10#53(10.4.4.10)
;; WHEN: Tue Sep 13 16:29:01 BST 2016
;; MSG SIZE  rcvd: 253

More information about the samba mailing list