[Samba] Accidental zone deletion

Chris Puttick chris.puttick at cp1associates.net
Tue Jun 22 07:16:24 UTC 2021 

Thanks for the response, about what we feared. For interest on one of the DCs we tried 

samba_upgradedns --dns-backend=SAMBA_INTERNAL --migrate=no

and got the response

# samba_upgradedns --dns-backend=SAMBA_INTERNAL --migrate=no
Reading domain information
DNS accounts already exist
No zone file /var/lib/samba/private/dns/OXARCH.LOCAL.zone
DNS records will be automatically created
DNS partitions already exist
Finished upgrading DNS

Found the comment about "no zone file" interesting because that directory doesn't exist and AFAIK has never existed (Ubuntu 18.04 running Samba 4.7.6-Ubuntu).


----- Original Message -----
From: "Andrew Bartlett" <abartlet at samba.org>
To: "Chris Puttick" <chris.puttick at cp1associates.net>, "samba" <samba at lists.samba.org>
Sent: Tuesday, 22 June, 2021 06:47:29
Subject: Re: [Samba] Accidental zone deletion

On Tue, 2021-06-22 at 05:29 +0000, Chris Puttick via samba wrote:
> Hi 
> 
> We have a situation where an MS admin used the AD utilities to tidy
> up an neighbouring (MS-based) domain but was attached to the wrong DC
> and deleted the wrongdomain.local zone file (which is apparently a
> bit of a thing in MS circles); by the time said admin realised the
> deletion had replicated across DCs on all sites. How do we recreate
> it, in partiular the contents? Hoping the answer is "just manually
> create the zone and it'll repopulate". 
> 
> Any suggestions welcomed... 

I assume of course you mean the zone in a Samba AD DC, not a simple
.zone file.

This has happened, and yes, I do think we should prevent it at the
database level, as nobody ever really means to do that.  Last time that
happened we helped a client jury-rig up a backup of the sam.ldb into
BIND9-DLZ (so only DNS used the old data), allowing service to somewhat
continue while things were fixed back up.

However, I'm sorry to say it won't just be regenerated, while Samba
will try and re-register itself every now and then, I wouldn't count on
it getting back the way you found it fast.

How are your backups?

Andrew Bartlett

-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions

More information about the samba mailing list