[Samba] Samba Internal DNS - no AAAA records

Olivier MARTIN olivier at labapart.com
Thu Nov 2 10:50:03 UTC 2023


Hello all,
I am trying to find out how the AAAA records are added in my Samba AD DC 
setup but it is not clear how they should be added.

Here are my zones:

   pszZoneName                 : 56.168.192.in-addr.arpa
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
   pszDpFqdn                   : DomainDnsZones.samdom.vm-myserver

   pszZoneName                 : 0.0.0.0.0.8.e.f.ip6.arpa
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
   pszDpFqdn                   : DomainDnsZones.samdom.vm-myserver

   pszZoneName                 : samdom.vm-myserver
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
   pszDpFqdn                   : DomainDnsZones.samdom.vm-myserver

   pszZoneName                 : _msdcs.samdom.vm-myserver
   Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
   Version                     : 50
   dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
   pszDpFqdn                   : ForestDnsZones.samdom.vm-myserver

My DC has an IPv6 address:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
        valid_lft forever preferred_lft forever
     inet6 ::1/128 scope host noprefixroute
        valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
     link/ether 08:00:27:8d:c0:4d brd ff:ff:ff:ff:ff:ff
     altname enp0s3
     inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic eth0
        valid_lft 78916sec preferred_lft 78916sec
     inet6 fe80::a00:27ff:fe8d:c04d/64 scope link
        valid_lft forever preferred_lft forever

No problem retrieving the A record:

$ host -t A dc1.samdom.vm-myserver
dc1.samdom.vm-myserver has address 192.168.56.10

But no AAAA record:

$ host -t AAAA dc1.samdom.vm-myserver
dc1.samdom.vm-myserver has no AAAA record

I have not touched /var/lib/samba/private/dns_update_list:

A ${HOSTNAME}                                           $IP
AAAA ${HOSTNAME}                                           $IP
(...)

I am using samba version 4.17.12-Debian (Samba shipped with Debian 12).

Querying the Samba internal DNS also confirmed AAAA records are not present:

$ sudo samba-tool dns query dc1.samdom.vm-myserver samdom.vm-myserver @ ALL  -U Administrator
Processing section "[sysvol]"
Processing section "[netlogon]"
Processing section "[homes]"
Processing section "[share]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'ncalrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncacn_ip_tcp:dc1.samdom.vm-myserver[,sign]
Mapped to DCERPC endpoint 135
resolve_lmhosts: Attempting lmhosts lookup for name dc1.samdom.vm-myserver<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
Mapped to DCERPC endpoint 49153
resolve_lmhosts: Attempting lmhosts lookup for name dc1.samdom.vm-myserver<0x20>
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
Received smb_krb5 packet of length 380
Received smb_krb5 packet of length 289
   Name=, Records=3, Children=0
     SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=dc1.samdom.vm-myserver., email=hostmaster.samdom.vm-myserver. (flags=600000f0, serial=1, ttl=3600)
     NS: dc1.samdom.vm-myserver. (flags=600000f0, serial=1, ttl=900)
     A: 192.168.56.10 (flags=600000f0, serial=1, ttl=900)
   Name=_msdcs, Records=0, Children=0
   Name=_sites, Records=0, Children=1
   Name=_tcp, Records=0, Children=4
   Name=_udp, Records=0, Children=2
   Name=dc1, Records=1, Children=0
     A: 192.168.56.10 (flags=f0, serial=1, ttl=900)
   Name=DomainDnsZones, Records=0, Children=2
   Name=ForestDnsZones, Records=0, Children=2

Thanks in advance,
Olivier



