[Samba] dns replication error due to deleted records

Luca Olivetti luca at wetron.es
Fri Oct 11 13:58:16 UTC 2019 

El 10/10/19 a les 20:23, Luca Olivetti via samba ha escrit:
> Today I noticed something that has been going on for some weeks:
> 
> I have 2 dc, (dc1 and dc2) both debian buster with the distro provided 
> samba (4.9.5), recently upgraded from stretch.
> 
> samba-tool drs showrepl on dc2 says
> 
> DC=DomainDnsZones,DC=samba,DC=wetron,DC=es
>          Default-First-Site-Name\DC1 via RPC
>                  DSA object GUID: 89812346-9037-43b0-86ab-c5052f55125d
>                  Last attempt @ Thu Oct 10 20:05:28 2019 CEST failed, 
> result 58 (WERR_BAD_NET_RESP)
>                  273 consecutive failure(s).
>                  Last success @ Thu Oct 10 12:05:27 2019 CEST
> 
> (the rest of the incoming replications are fine, only the DomainDnsZone 
> fails).
> 
> It turns out that dc2 chokes on "\0ADEL" dns records, supposedly deleted 
> objects.
> 
> I found a "solution" here:
> 
> https://www.dotnetcatch.com/2018/06/19/samba-replication-failures/
> 
> The procedure to solve it is not exactly the same but it put me on the, 
> hopefully, right track. I scripted it since it got tiresome and it 
> solved the replication problem, for a while, but now it reappeared 
> (that's the message above).
> 
> This started on September 25, when I upgraded dc2 from stretch to 
> buster. A few days later I also upgraded dc1 (it was still running jessie).
> 
> I'm using internal dns and the dhcp server talks to dc1 to update the 
> dns records, that would explain why there are records to replicate but 
> doesn't explain why samba fails (when it didn't before).

The problem persists :-(

DC=DomainDnsZones,DC=samba,DC=wetron,DC=es
         Default-First-Site-Name\DC1 via RPC
                 DSA object GUID: 89812346-9037-43b0-86ab-c5052f55125d
                 Last attempt @ Fri Oct 11 15:50:30 2019 CEST failed, 
result 58 (WERR_BAD_NET_RESP)
                 283 consecutive failure(s).
                 Last success @ Fri Oct 11 08:35:30 2019 CEST

samba-tool dbcheck --cross-ncs gives no error on both DCs (though dc1 is 
reporting 20276 objects and dc2 20180, after cleaning the bad entries 
the count is 20272 on dc1 and 20208 on dc2)


The strange thing is that this is happening now with both DCs running 
buster with the same samba version and never happened when dc1 was 
running jessie and dc2 stretch.

Bye
-- 
Luca Olivetti
Wetron Automation Technology http://www.wetron.es/
Tel. +34 93 5883004 (Ext.3010)  Fax +34 93 5883007

More information about the samba mailing list