[Samba] Device ends up with multiple dns records and IP addresses

Sebastian Arcus s.arcus at open-t.co.uk
Fri Oct 22 21:15:07 UTC 2021 

On 22/10/2021 16:28, Rowland Penny via samba wrote:
> On Wed, 2021-10-20 at 11:40 +0100, Sebastian Arcus via samba wrote:
>> I have a server with:
>>
>> Samba 4.9.4 in AD mode
>> Bind 9.14.2
>> ISC Dhcpd 4.4.1
>>
>> Samba is configured to use Bind for the dns back-end, and dynamic
>> dns
>> updates from dhcpd->Samba->Bind are configured using the script at
>> Samba.org
>>
>> I have this strange situation where one of the printers has ended up
>> with 11 records in the dns back-end:
>>
>> # host SEC001599AB9439
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.184
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.176
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.179
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.144
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.241
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.229
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.231
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.172
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.177
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.235
>> SEC001599AB9439.ihs-uk.lan has address 192.168.51.182
>>
>> In order to start troubleshooting, I can't get my head around which
>> software is not working properly. Is it the job of dhcpd not to allow
>> a
>> same device to request a different IP, or is it the Samba script, or
>> Samba, or Bind? Which one should normally prevent this from
>> happening?
>> Thank you much for any suggestions.
> 
> Sorry to be so long in replying.
> 
> Not sure what is going on here.
> 
> dhcp passes the full ipaddress to the update script e.g. 192.168.0.56
> 
> in the 'add' case, any existing 'A' record for the computer is obtained
> by running 'samba-tool dns query'. If no record is found, a new one is
> added. If an 'A' record that matches the supplied ipaddress is found,
> then nothing happens. finally, if the ipaddress found by samba-tool is
> different from the ipaddress passed to the script, then the existing
> 'A' record is deleted and a new one added.
> 
> Is there any way that the printer is updating its own record ?

Thank you for getting back to me with the detailed info. I guess I must 
have an older version of the script, as the 'add' case uses the 
following code to obtain the A record for the computer (at the top it 
reads v0.9.0):

     # does host have an existing 'A' record ?
     A_REC=$(host -t A "${name}" | awk '{print $NF}')

Still, I'm not sure how the above could have resulted in multiple 'A' 
records.

Regarding your question, I can't really think how the printer would be 
able to update its own dns record. It is a Samsung SCX-4833FD - and I 
can't see how it would have the authority to ask Bind or Samba to update 
the record directly. Even if it tried, I believe it would be refused - I 
think?

I am a bit mystified by all this. I deleted all the A records for this 
printer, and let it renew its IP address. It's been 4 days and I've just 
checked - it still has only one A record.

I guess I'll keep an eye on things, and if it happens again, I will try 
to run the ddns update script by hand, and see if I can figure out what 
is happening.

Still, your explanation above was very useful - thank you again for 
taking the time.

Sebastian

More information about the samba mailing list