[Samba] dNSTombstoned

Christian Naumer cn at brain-biotech.de
Wed Mar 18 19:48:55 UTC 2020

Hello you all,
with the new samba version out that fixes some problems with dns
scavenging I have decided to try this feature.
I was specifically interested for our reverse zone (PTR records)

We have one zone for VPN clients 8.0.10.in-addr.arpa. I activated the
feature in the smb.conf as well as in the Windows DNS manager.
Entries are deleted (not visible in DNS manager) after a while.

You can still see them in ADSI-Edit. Those that are invisible have
"dNSTombstoned: TRUE" set the others have either FALSE or the attribute
is not there at all.

My problem is this if an entry was deleted and has "dNSTombstoned: TRUE"
it still has the same owner and therefore a new computer that got the
same IP from our VPN gateway can not set this entry to point to itself.

Shouldn't the code that deletes (or marks as deleted/tombstoned) unset
the owner? or is this by design?

Also "samba-tool domain tombstones expunge --tombstone-lifetime=0" does
not delete the records with "dNSTombstoned: TRUE". Is this a different

Until now what I do is delete the entries manually in ADSI. This works
as expected.

Any hint how to get this working?



Dr. Christian Naumer
Unit Head Bioprocess Development
B.R.A.I.N Aktiengesellschaft
Darmstaedter Str. 34-36, D-64673 Zwingenberg
e-mail cn at brain-biotech.com, homepage www.brain-biotech.com
fon +49-6251-9331-30  /   fax +49-6251-9331-11

Sitz der Gesellschaft: Zwingenberg/Bergstrasse
Registergericht AG Darmstadt, HRB 24758
Vorstand: Adriaan Moelker (Vorstandsvorsitzender), 
Manfred Bender, Ludger Roedder
Aufsichtsratsvorsitzender: Dr. Georg Kellinghusen

More information about the samba mailing list