[Samba] bogus record in _msdcs zone in samba-dc
Alex
samba at abisoft.biz
Tue May 19 09:46:17 UTC 2020
>> One record I've finally found that looks suspicious:
>> # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b 'DC=vm-dc4.domain.com.,DC=_msdcs.domain.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=domain,DC=com' -s sub
>>
>> # record 1
>> dn: DC=vm-dc4.domain.com.,DC=_msdcs.domain.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=domain,DC=com
>> I considered it suspicious b/c no similar record exists for vm-dc1:
>> # ldbsearch --cross-ncs --show-binary -H /usr/local/samba/private/sam.ldb -b DC=vm-dc1.domain.com.,DC=_msdcs.domain.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=domain,DC=com -s sub
>> search error - No such Base DN: DC=vm-dc1.domain.com.,DC=_msdcs.domain.com,CN=MicrosoftDNS,DC=ForestDnsZones,DC=domain,DC=com
>>
>> What do you think?
>>
> Strange, I do not have any computer (let alone DC) records in the forest
> zone, this is one of my DC's record:
> dn:
> DC=DC01,DC=samdom.example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com
This looks like a domain zone, not a forest zone..
Anyway, I was able to delete that strange record using ADSIEdit tool and now
everything seems to be good.
Thanks for your help!
--
Best regards,
Alex
More information about the samba
mailing list