[Samba] Fwd: Two DNS issues with samba

Rowland Penny rpenny at samba.org
Sat Jun 8 16:36:33 UTC 2024 

On Sat, 8 Jun 2024 17:05:25 +0200
Ronny Preiss via samba <samba at lists.samba.org> wrote:

> Hi,
> 
> I have two problems with my 2 Samba AD-DC. I don't know if the two
> problems are related.
> Both domain controllers show the same error pattern for problem 1.The
> second problem only occurs with the second domain controller.
> The domain itself seems to work and be in order.
> Does someone know where this comes from and how to solve it?
> 
> ## Issue 1 ##
> By doing my random log checking, I saw the following error in syslog
> on both DC.
> I've changed nothing the last couple of weeks.
> 
> My Environment:
> 
> 2x Server Ubuntu 22.04.4 LTS with:
> - Samba Version 4.19.0 AC-DC (Selfcompiled default values)

No need to build Samba yourself, you can find packages here:

http://www.corpit.ru/mjt/packages/samba/

They are provided by the Debian Samba maintainer.

> 
> Samba version: 4.19.0

A bit 'old' the 4.19 branch is at 4.19.6


> 
> - DNS Backend Bind (BIND 9.18.18-0ubuntu0.22.04.2-Ubuntu)
> - SysVol is  in sync with rsync
> 
> ### ERROR ### /var/log/syslog
> root at 01-dc01:~# tail -f /var/log/syslog
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.351034,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call
> last): Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352082,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
> File "/usr/local/samba/sbin/samba_dnsupdate", line 883, in <module>
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352119,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:     creds =
> get_credentials(lp) Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352132,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
> File "/usr/local/samba/sbin/samba_dnsupdate", line 184, in
> get_credentials Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352144,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
>   get_krb5_rw_dns_server(creds, sub_vars['DNSDOMAIN'] + '.')
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352158,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:   File
> "/usr/local/samba/sbin/samba_dnsupdate", line 143, in
> get_krb5_rw_dns_server Jun  8 11:54:11 01-dc01 samba[931]:
> [2024/06/08 11:54:11.352203,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
>   rw_dns_servers = get_possible_rw_dns_server(creds, domain)
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352239,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:   File
> "/usr/local/samba/sbin/samba_dnsupdate", line 122, in
> get_possible_rw_dns_server
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352253,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:     ans_soa =
> check_one_dns_name(domain, 'SOA')
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352267,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:   File
> "/usr/local/samba/sbin/samba_dnsupdate", line 274, in
> check_one_dns_name Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352287,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
>   return resolver.resolve(name, name_type)
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352302,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:   File
> "/usr/lib/python3/dist-packages/dns/resolver.py", line 1202, in
> resolve Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352510,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
>   (answer, done) = resolution.query_result(response, None)
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352551,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate:   File
> "/usr/lib/python3/dist-packages/dns/resolver.py", line 674, in
> query_result Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08
> 11:54:11.352693,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler) Jun  8
> 11:54:11 01-dc01 samba[931]: /usr/local/samba/sbin/samba_dnsupdate:
>   raise NoAnswer(response=answer.response)
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.352783,  0]
> ../../lib/util/util_runcmd.c:355(samba_runcmd_io_handler)
> Jun  8 11:54:11 01-dc01 samba[931]:
>  /usr/local/samba/sbin/samba_dnsupdate: dns.resolver.NoAnswer: The DNS
> response does not contain an answer to the question:
> intern.preiss.network. IN SOA
> Jun  8 11:54:11 01-dc01 samba[931]: [2024/06/08 11:54:11.383823,  0]
> ../../source4/dsdb/dns/dns_update.c:85(dnsupdate_nameupdate_done)
> Jun  8 11:54:11 01-dc01 samba[931]:   dnsupdate_nameupdate_done:
> Failed DNS update with exit code 1
> ###
> 
> Manual nslookup for the SOA entry works:
> 
> root at 01-dc01:~# nslookup -q=SOA intern.preiss.network 10.10.10.11
> Server:         10.10.10.11
> Address:        10.10.10.11#53
> 
> intern.preiss.network
>         origin = 01-dc01.intern.preiss.network
>         mail addr = hostmaster.intern.preiss.network
>         serial = 1159
>         refresh = 900
>         retry = 600
>         expire = 86400
>         minimum = 3600
> 
> ### Issue 2 ####
> 
> ### ERROR ### /var/log/syslog
> root at 01-dc02:~# tail -f /var/log/syslog
> Jun  8 13:01:31 01-dc02 samba[996]: [2024/06/08 13:01:31.057443,  0]
> ../../source4/rpc_server/dn
> 
>  sserver/dcerpc_dnsserver.c:1076(dnsserver_query_zone)
> Jun  8 13:01:31 01-dc02 samba[996]:   dnsserver: Invalid zone
> operation IsSigned
> Jun  8 13:01:31 01-dc02 samba[996]: [2024/06/08 13:01:31.060313,  0]
> ../../source4/rpc_server/dn
> 
>  sserver/dcerpc_dnsserver.c:1076(dnsserver_query_zone)
> Jun  8 13:01:31 01-dc02 samba[996]:   dnsserver: Invalid zone
> operation IsSigned
> Jun  8 13:01:31 01-dc02 samba[996]: [2024/06/08 13:01:31.061385,  0]
> ../../source4/rpc_server/dn
> 
>  sserver/dcerpc_dnsserver.c:1076(dnsserver_query_zone)
> Jun  8 13:01:31 01-dc02 samba[996]:   dnsserver: Invalid zone
> operation IsSigned
> 
> 
> Kind regards, Ronny

Can you please post the contents of the following files

/etc/hostname
/etc/hosts
/etc/resolv.conf
/etc/bind/named.conf
/etc/bind/named.conf.options
/etc/bind/named.conf.local
/etc/bind/named.conf.default-zones

Rowland

More information about the samba mailing list