[Samba] bogus record in _msdcs zone in samba-dc

Rowland penny rpenny at samba.org
Mon May 18 15:26:18 UTC 2020


On 18/05/2020 14:15, Alex via samba wrote
> Questions:
> 1. Is it safe to delete it using ADSIEdit (for example)
Yes, but I would use ldbdel
> 2. Why can't I query and/or delete it using standard means?

Probably because it is a wrong record ????

Try running this on a DC:

ldbsearch --cross-ncs --show-binary -H /var/lib/samba/private/sam.ldb -b 
'DC=_msdcs.domain.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=domain,DC=com' 
-s sub '(objectClass=dnsNode)'

You might have to divert the output to a file to capture all the output, 
you should then be able to work out the ldbdel command.

Rowland





More information about the samba mailing list