[Samba] dns replication error due to deleted records
Rowland penny
rpenny at samba.org
Thu Oct 10 19:07:19 UTC 2019
On 10/10/2019 19:56, Luca Olivetti via samba wrote:
> El 10/10/19 a les 20:41, Rowland penny via samba ha escrit:
>
>>> It turns out that dc2 chokes on "\0ADEL" dns records, supposedly
>>> deleted objects.
>>
>> What you have there is known as a tombstone record and Samba has a
>> tool to remove them:
>>
>> samba-tool domain tombstones expunge NC
>> --tombstone-lifetime=TOMBSTONE_LIFETIME
>>
>> Where 'NC' is the naming context and 'TOMBSTONE_LIFETIME' is the days
>> to keep deleted records for.
>
>
> Good to know, but why do they trigger the replication problem?
Not sure they are, they could just be an artefact of the replication
problem.
>
>>
>>>
>>> I found a "solution" here:
>>>
>>> https://www.dotnetcatch.com/2018/06/19/samba-replication-failures/
>>>
>>> The procedure to solve it is not exactly the same but it put me on
>>> the, hopefully, right track. I scripted it since it got tiresome and
>>> it solved the replication problem, for a while, but now it
>>> reappeared (that's the message above).
>>>
>>> This started on September 25, when I upgraded dc2 from stretch to
>>> buster. A few days later I also upgraded dc1 (it was still running
>>> jessie).
>>>
>>> I'm using internal dns and the dhcp server talks to dc1 to update
>>> the dns records, that would explain why there are records to
>>> replicate but doesn't explain why samba fails (when it didn't before).
>>
>> How is the dhcp server updating the dns records ?
>
> Using this method:
>
> https://wiki.archlinux.org/index.php/Samba/Active_Directory_domain_controller#DHCP_with_dynamic_DNS_updates
>
>
> TLDR: it does a "samba-tool dns add" when a host get a lease and
> "samba-tool dns delete" when it releases it or expires.
>
It works in a similar way to how I update dns records and I have similar
records in AD and they replicate.
Can you post your dhcpd.conf and smb.conf
Rowland
More information about the samba
mailing list