[Samba] AD bind DNS broken after 4.7.3 -> 4.9.2 upgrade
Viktor Trojanovic
viktor at troja.ch
Wed Jan 2 22:37:34 UTC 2019
> On 2 Jan 2019, at 22:43, Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Wed, 2 Jan 2019 19:35:04 +0000
> Rowland Penny via samba <samba at lists.samba.org> wrote:
>
>> On Wed, 02 Jan 2019 20:09:44 +0100
>> Král Gergely via samba <samba at lists.samba.org> wrote:
>>
>>> 2018-12-31 20:50 időpontban L.P.H. van Belle via samba ezt írta:
>>>> Can you try to upgrade to any 4.8 version then to 4.9.4?
>>>> might work, atleast my guess this will have a better chance get
>>>> passed this bug.
>>>>
>>>
>>> I can confirm that an upgrade to 4.7.3 to 4.8.5 works. But!
>>>
>>>
>>> After upgrading the dnsupdate did not work, giving these log
>>> messages:
>>>
>>> [2019/01/02 19:18:42.908955, 0]
>>> ../source4/smbd/server.c:466(binary_smbd_main)
>>> samba version 4.8.5-Debian started.
>>> Copyright Andrew Tridgell and the Samba Team 1992-2018
>>> [2019/01/02 19:18:56.468276, 0]
>>> ../source4/smbd/server.c:638(binary_smbd_main)
>>> binary_smbd_main: samba: using 'standard' process model
>>> [2019/01/02 19:19:00.030904, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
>>> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
>>> [2019/01/02 19:19:00.031193, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: File
>>> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
>>> 176, in _run
>>> [2019/01/02 19:19:00.031286, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs)
>>> [2019/01/02 19:19:00.031360, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: File
>>> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
>>> run [2019/01/02 19:19:00.031595, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: raise e
>>> [2019/01/02 19:19:00.471859, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: ERROR(runtime): uncaught exception -
>>> (9711, 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
>>> [2019/01/02 19:19:00.472011, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: File
>>> "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
>>> 176, in _run
>>> [2019/01/02 19:19:00.472084, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: return self.run(*args, **kwargs)
>>> [2019/01/02 19:19:00.472238, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: File
>>> "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
>>> run [2019/01/02 19:19:00.472301, 0]
>>> ../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
>>> /usr/sbin/samba_dnsupdate: raise e
>>>
>>> and so on...
>>>
>>> After downgrading from 4.9.2 back to 4.7.3 I experienced the same,
>>> and I could fix it by running "samba_upgradedns
>>> --dns-backend=BIND9_DLZ" (at least I guess this fixed it). The
>>> results of this command were basically the same as on the wiki page.
>>> But this time the result was exactly the same as with 4.9.2:
>>>
>>> isa:~/# samba_upgradedns --dns-backend=BIND9_DLZ
>>> Reading domain information
>>> DNS accounts already exist
>>> No zone file /var/lib/samba/bind-dns/dns/MYAD.DOMAIN.EU.zone
>>> DNS records will be automatically created
>>> DNS partitions already exist
>>> dns-isa account already exists
>>> Failed to create link /var/lib/samba/private/dns.keytab ->
>>> /var/lib/samba/bind-dns/dns.keytab: No such file or directory
>>> Failed to chown /var/lib/samba/bind-dns to bind gid 107
>>> Failed to chown /var/lib/samba/bind-dns/dns.keytab to bind gid 107
>>> Traceback (most recent call last):
>>> File "/usr/sbin/samba_upgradedns", line 533, in <module>
>>> create_dns_dir(logger, paths)
>>> File
>>> "/usr/lib/python2.7/dist-packages/samba/provision/sambadns.py", line
>>> 697, in create_dns_dir os.mkdir(dns_dir, 0770)
>>> OSError: [Errno 2] No such file or directory:
>>> '/var/lib/samba/bind-dns/dns'
>>>
>>>
>>> I started to panic, but since I ran this with samba stopped, I
>>> restarted samba and the error messages are gone! The names are
>>> resolved and the clients are happily updating the records.
>>>
>>>
>>> So to summarize, I do not know how it got fixed and why upgradedns
>>> does not work, but I believe the bug is already included somewhere
>>> in the 4.8 branch. Even if it works.
>>>
>>>
>>
>> OK, this is what I am going to do, I will provision 4.7.12 again,
>> upgrade it to 4.8.8 and if this works, then upgrade it to 4.9.4,
>> expecting this to fail, this will then give us a search vector.
>>
>> Rowland
>>
>
> This is weird, provisioned 4.7.12 without problem
> upgraded to 4.8.8, again without problem
> Upgraded to 4.9.4, again without problem
>
> Yet if you upgrade from 4.7.12 directly to 4.9.4 it errors.
>
> I wonder if the new sam.ldb GUID mode introduced at 4.8.0 is the
> culprit ?
>
>
Hi Rowland,
As I mentioned in my own thread, I have another, almost identical system with 4.9.4 running without issues. The only difference: I upgraded to 4.8.x before upgrading to 4.9.4. So, I can confirm your findings.
Viktor
More information about the samba
mailing list