[Samba] cant start bind9 after dc upgrade 4.17 > 4.18

Fabrizio Rompani fabrizio.rompani at yetopen.com
Sat Jul 22 06:09:53 UTC 2023 

hi, thank's for the reply . 

yes , there're 2 interfaces. 
But afaik only eth1 should listen: 


my smb.conf
# Global parameters
[global]
        interfaces = eth1
        netbios name = DC-CLOUD
        realm = WDC.[DOMAIN].IT
        server role = active directory domain controller
        workgroup = [WG]
        server services = -dns

        log file = /var/log/samba/%m.log
        log level = 3

        dns forwarder = 9.9.9.9 

[sysvol]
        path = /var/lib/samba/sysvol
        read only = No

[netlogon]
        path = /var/lib/samba/sysvol/wdc.[DOMAIN].it/scripts
        read only = No
~                                  


anyway I SOLVED the original issue adding new dns record as suggested  (many thank's) 

Now, I just have this NOTE and WARNING that  dbcheck --fix, actually  wont fix! 

are they relevant? 
thanks



on dc-lan: 

root at dc-lan:~# samba-tool dbcheck --cross-ncs
Checking 3799 objects
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=d2f4e4ba-73cb-455c-be5c-0003b4cf89cb\0ADEL:47ca39e1-c155-4d5f-9218-312fc7bd3dea,CN=Deleted Objects,CN=Configuration,DC=wdc,DC=[DOM],DC=it - CN=NTDS Settings,CN=DC-LAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=wdc,DC=[DOM],DC=it
Not fixing old string component


on dc-cloud: 

root at dc-cloud:~# samba-tool dbcheck --cross-ncs
Checking 3799 objects
NOTE: old (due to rename or delete) DN string component for lastKnownParent in object CN=d2f4e4ba-73cb-455c-be5c-0003b4cf89cb\0ADEL:47ca39e1-c155-4d5f-9218-312fc7bd3dea,CN=Deleted Objects,CN=Configuration,DC=wdc,DC=[DOM],DC=it - CN=NTDS Settings,CN=DC-LAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=wdc,DC=[DOM],DC=it
Not fixing old string component
WARNING: target DN is deleted for msDS-NC-Replica-Locations in object CN=d507d031-d5ed-4a17-aa59-fe402d421657,CN=Partitions,CN=Configuration,DC=wdc,DC=[DOM],DC=it - <GUID=556c12ac-ca45-40c7-8b53-3025e0d033da>;<RMD_ADDTIME=133023728930000000>;<RMD_CHANGETIME=133023728930000000>;<RMD_FLAGS=0>;<RMD_INVOCID=d47796f9-1336-49b3-b872-f08a25c4373b>;<RMD_LOCAL_USN=3893>;<RMD_ORIGINATING_USN=3942>;<RMD_VERSION=1>;CN=NTDS Settings,CN=DC-LAN,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=wdc,DC=[DOM],DC=it
Target GUID points at deleted DN 'CN=NTDS Settings\\0ADEL:556c12ac-ca45-40c7-8b53-3025e0d033da,CN=DC-LAN\\0ADEL:39be7509-8389-47ea-afba-1bb1c640e574,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=wdc,DC=[DOM],DC=it'
Not removing




----- Messaggio originale -----
Da: "Rowland Penny via samba" <samba at lists.samba.org>
A: "samba" <samba at lists.samba.org>
Cc: "Rowland Penny" <rpenny at samba.org>
Inviato: Sabato, 22 luglio 2023 7:45:30
Oggetto: Re: [Samba] cant start bind9 after dc upgrade 4.17 > 4.18

On 21/07/2023 23:24, Fabrizio Rompani via samba wrote:
> hi all
> I have 2 DC joined to the same domain .
> both with ubuntu 20 and samba 4.17 ( MichaelTokarev repos) with Bind9 as dns.
> After Upgraded the first dc to ubuntu 22 and 4.18 I' m not able to start bind9 .
> Also the second DC has been broken DNS , and after a BIND9 restart It wont start anymore.
> 
> any help?
> thanks
> rf
> 
> 

Your DC appears to have two ipaddress's :

Jul 21 23:49:14 dc-cloud named[637]: listening on IPv4 interface eth0, 
75.119.155.151#53
Jul 21 23:49:14 dc-cloud named[637]: listening on IPv4 interface eth1, 
192.168.8.1#53

Yet the failing reversezone doesn't match either:

Jul 21 23:49:14 dc-cloud named[637]: zone 1.168.192.in-addr.arpa/NONE: 
has no NS records

It might be a good idea to post your smb.conf and named conf files.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Corso Martiri della Liberazione 114 - 23900 Lecco - ITALY - | 4801 Glenwood Avenue - Suite 200 - Raleigh, NC 27612 - USA -
Tel +39 0341 220 205 - info.it at yetopen.com  | Phone +1 919-817-8106 - info.us at yetopen.com

Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary

-------- D.Lgs. 196/2003 e GDPR 679/2016 --------
Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario.
Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini
del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata.
Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile.
Grazie.

Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information;
pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution
is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible.
Thank you.

More information about the samba mailing list