[Samba] HELP: bind asserting after creating RODC

Greg Dickie greg at justaguy.ca
Tue Jul 25 00:45:16 UTC 2017 

Hi there,

  Haven't had to post in a long time because everything has been working
great BUT I just tried to add a 4.6.6 RODC to a domain where the other DCs
are running 4.3.5 (I know). I've been using bind DLZ. All of a sudden bind
is asserting with

Jul 24 20:09:02 ads1 named[7441]: zone 16.172.in-addr.arpa/NONE: (other)
removed
Jul 24 20:09:02 ads1 named[7441]: zone 80.16.172.in-addr.arpa/NONE: (other)
removed
Jul 24 20:09:02 ads1 named[7441]: zone fps.lan/NONE: (other) removed
Jul 24 20:09:02 ads1 named[7441]: zone _msdcs.fps.lan/NONE: (other) removed
Jul 24 20:09:02 ads1 named[7441]: zone.c:4586: REQUIRE(prev > 0) failed,
back trace


Which seems to be

dns_zone_detach(dns_zone_t **zonep) {
        dns_zone_t *zone;
        dns_zone_t *raw = NULL;
        dns_zone_t *secure = NULL;
        unsigned int refs;
        isc_boolean_t free_now = ISC_FALSE;

        REQUIRE(zonep != NULL && DNS_ZONE_VALID(*zonep));


Kind of screwed since this is hosting everything in the office.
It "looks" like perhaps adding the RODC added some dummy zones because
before that I see

Jul 24 20:09:02 ads1 named[7441]: samba_dlz: Ignoring duplicate zone
'80.16.172.in-addr.arpa' from
'DC=@,DC=80.16.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=fps,DC=lan'
Jul 24 20:09:02 ads1 named[7441]: samba_dlz: Ignoring duplicate zone
'16.172.in-addr.arpa' from
'DC=@,DC=16.172.in-addr.arpa,CN=MicrosoftDNS,DC=DomainDnsZones,DC=fps,DC=lan'
Jul 24 20:09:02 ads1 named[7441]: samba_dlz: Ignoring duplicate zone
'fps.lan' from
'DC=@,DC=fps.lan,CN=MicrosoftDNS,DC=DomainDnsZones,DC=fps,DC=lan'
Jul 24 20:09:02 ads1 named[7441]: samba_dlz: Ignoring duplicate zone
'_msdcs.fps.lan' from
'DC=@,DC=_msdcs.fps.lan,CN=MicrosoftDNS,DC=ForestDnsZones,DC=fps,DC=lan'

Any ideas what I did wrong and what I can do to correct it?

I've already demoted the RODC.

I'm thinking about upgrading to 4.6.6 on the other DCs or trying to hack
the LDB to remove the new entries.

Any ideas?

Thanks,
Gredg



-- 


Greg Dickie
just a guy
514-983-5400

More information about the samba mailing list