[Samba] problem whith samba and dnsupdate command

jmpatagonia jmpatagonia at gmail.com
Tue Aug 25 11:55:21 UTC 2020 

Hello Rowland we have a dnsmasq as a dns server and we want to use this
service a dns server, now on the status of samba we see the next errors:

root at domain-server2:~# /etc/init.d/samba-ad-dc status
â samba-ad-dc.service - Samba AD Daemon
   Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled; vendor
preset: enabled)
   Active: active (running) since Mon 2020-08-24 11:23:53 -03; 21h ago
     Docs: man:samba(8)
           man:samba(7)
           man:smb.conf(5)
 Main PID: 6583 (samba)
   Status: "smbd: ready to serve connections..."
    Tasks: 22 (limit: 2318)
   CGroup: /system.slice/samba-ad-dc.service
           ââ6583 /usr/sbin/samba --foreground --no-process-group
           ââ6591 /usr/sbin/samba --foreground --no-process-group
           ââ6594 /usr/sbin/samba --foreground --no-process-group
           ââ6596 /usr/sbin/samba --foreground --no-process-group
           ââ6598 /usr/sbin/samba --foreground --no-process-group
           ââ6599 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ââ6601 /usr/sbin/samba --foreground --no-process-group
           ââ6603 /usr/sbin/samba --foreground --no-process-group
           ââ6607 /usr/sbin/samba --foreground --no-process-group
           ââ6608 /usr/sbin/samba --foreground --no-process-group
           ââ6610 /usr/sbin/samba --foreground --no-process-group
           ââ6611 /usr/sbin/samba --foreground --no-process-group
           ââ6612 /usr/sbin/samba --foreground --no-process-group
           ââ6613 /usr/sbin/samba --foreground --no-process-group
           ââ6614 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ââ6615 /usr/sbin/samba --foreground --no-process-group
           ââ6617 /usr/sbin/samba --foreground --no-process-group
           ââ6619 /usr/sbin/samba --foreground --no-process-group
           ââ6627 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ââ6628 /usr/sbin/smbd -D --option=server role check:inhibit=yes
--foreground
           ââ6631 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground
           ââ8370 /usr/sbin/winbindd -D --option=server role
check:inhibit=yes --foreground

ago 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.183449,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runâ¦_io_handler)
ago 25 08:44:05 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176,
in _run
ago 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.184592,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runâ¦_io_handler)
ago 25 08:44:05 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  return self.run(*args, **kwargs)
ago 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.186445,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runâ¦_io_handler)
ago 25 08:44:05 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
run
ago 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.187457,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runâ¦_io_handler)
ago 25 08:44:05 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  raise e
ago 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.226789,
 0, pid=6617, effective(0, 0), real(0, 0)]
../source4/dsdb/dns/dns_update.c:290(dnâ¦update_done)
ago 25 08:44:05 domain-server2 samba[6617]:
../source4/dsdb/dns/dns_update.c:290: Failed DNS update - with error code 29
Hint: Some lines were ellipsized, use -l to show in full.

Also on syslog we see:

Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
ERROR(runtime): uncaught exception - (9711,
'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.843376,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176,
in _run
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.844850,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  return self.run(*args, **kwargs)
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.849982,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
run
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.851007,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  raise e
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.950176,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
ERROR(runtime): uncaught exception - (9711,
'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.951688,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 176,
in _run
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.952930,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  return self.run(*args, **kwargs)
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.954043,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line 940, in
run
Aug 25 08:44:04 domain-server2 samba[6617]: [2020/08/25 08:44:04.955054,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:04 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
  raise e
Aug 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.066001,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)
Aug 25 08:44:05 domain-server2 samba[6617]:   /usr/sbin/samba_dnsupdate:
ERROR(runtime): uncaught exception - (9711,
'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
Aug 25 08:44:05 domain-server2 samba[6617]: [2020/08/25 08:44:05.068126,
 0, pid=6617, effective(0, 0), real(0, 0)]
../lib/util/util_runcmd.c:327(samba_runcmd_io_handler)

How can we repair this ? regards


El lun., 24 ago. 2020 a las 11:26, Rowland penny via samba (<
samba at lists.samba.org>) escribió:

> On 24/08/2020 15:15, jmpatagonia via samba wrote:
> > Problem whith dnsupdate -->
> >
> > /etc/samba#  samba_dnsupdate --all-names --fail-immediately
> > Failed to get Kerberos credentials, falling back to samba-tool: kinit for
> > DOMAIN-SERVER2$@POLICIA2.RIONEGRO.GOV.AR failed (Cannot contact any KDC
> for
> > requested realm)
> >
> > ERROR(runtime): uncaught exception - (9711,
> > 'WERR_DNS_ERROR_RECORD_ALREADY_EXISTS')
> >    File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line
> > 176, in _run
> >      return self.run(*args, **kwargs)
> >    File "/usr/lib/python2.7/dist-packages/samba/netcmd/dns.py", line
> 940, in
> > run
> >      raise e
> >
> > My dns server is a "dnmasq" and it is on another server.
> >
> > cat /etc/resolv.conf
> > nameserver 10.xx.x.xx
>
> OK, you are running 'samba_dnsupdate', so this means a DC (if it isn't,
> why are you running the command ?), which means you cannot run dnsmasq
> on it. Point the nameserver to its own ipaddress and remove dnsmasq.
>
> It sounds like you are possibly running a strange (to AD) dns setup, the
> DC(s) must be authoritative for the AD domain and all domain computers
> must use the DC(s) as their nameservers and anything outside the AD
> domain will be forwarded to external dns servers by the DC(s).
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list