[Samba] Resurrecting old thread about DNS updates

Aaron C. de Bruyn aaron at heyaaron.com
Tue Dec 10 20:49:05 UTC 2024


Apparently I forgot I had this particular problem and that I had a
work-around:
https://lists.samba.org/archive/samba/2023-November/247069.html

But yeah...disjoining a computer, *and* deleting the computer account *and*
deleting the record out of DNS is still causing problems on various servers
I manage.

Currently on version 4.17.12-Debian

The Windows event log says the DNS server refused the registration:

The system failed to register host (A or AAAA) resource records (RRs) for
network adapter
with settings:

           Adapter Name : {BC956BF1-F2DD-41C8-9ED1-7E5DA37859BC}
           Host Name : USGGZHMOFC04
           Primary Domain Suffix : corp.cust.tld
           DNS server list :
              10.142.28.240, 10.142.28.254, 10.100.100.100
           Sent update to server : 10.142.28.240:53
           IP Address(es) :
             10.142.28.118

...and the only logging apparently relevant out of Samba is:
[2024/12/04 17:57:36.032964,  1]
../../source4/dns_server/dns_update.c:399(handle_one_update)
       discard_const(update): struct dns_res_rec
          name                     : 'USGGZHMOFC04.cust.tld'
          rr_type                  : DNS_QTYPE_A (0x1)
          rr_class                 : DNS_QCLASS_IN (0x1)
          ttl                      : 0x000004b0 (1200)
          length                   : 0x0004 (4)
          rdata                    : union dns_rdata(case 0x1)
          ipv4_record              : 10.142.28.118
          unexpected               : DATA_BLOB length=0

One thing I noticed when I tried the work-around I mentioned in the thread
was:

dnsmgmt.msc did NOT show a record for the computer.
"samba-tool dns query" did NOT show a record for the computer.
"samba-tool computer" did NOT show an account for the computer.

So I joined the computer, restarted, and ran "ipconfig /registerdns".  No
luck.

Then I manually created the DNS entry for it and went to the Security tab
to add the computer account, there was already an "unknown" account SID
listed.  Sorta like it was left-over from the previous entry that was
deleted....so I removed it and added the newly-joined computer account.

Basically re-using old names (even if you've deleted them everywhere)
causes problems and there's definitely something buggy there.  Since we
have a very specific naming format that allows up to 99 machines in an
office, names get re-used a few times per year when machines die and need
to be replaced.  I hate having to manually create them in DNS to work
around this. ;)

-A


More information about the samba mailing list