[Samba] DNS reverse zones creation locked down.

Rowland Penny rpenny at samba.org
Fri Nov 22 10:29:39 UTC 2024


On Thu, 21 Nov 2024 15:09:49 +0100
denis bonnenfant--- via samba <samba at lists.samba.org> wrote:

> Hello, I'm resending my old message, as despite of lots of tests and 
> checks, I still have the same problem.
> 
> I'm facing a big problem with my Samba AD configuration :
> 
> When trying to create a new reverse DNS zone on a DC, it fails with
> error :
> 
> 
> root at se4ad2:~# samba-tool dns zonecreate se4ad2
> 54.19.172.in-addr.arpa -Uadmin
> Password for [XXXXX\admin]:
> ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR')
>    File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py",
> line 285, in _run
>      return self.run(*args, **kwargs)
>             ^^^^^^^^^^^^^^^^^^^^^^^^^
>    File "/usr/lib/python3/dist-packages/samba/netcmd/dns.py", line
> 973, in run
>      dns_conn.DnssrvOperation2(client_version, 0, server, None,
>    File "/usr/lib/python3/dist-packages/samba/netcmd/dns.py", line
> 119, in f
>      return attr(*args)
>             ^^^^^^^^^^^
> 
> Same kind of error using ADSI  DNS console, and with other Domain
> Admin accounts.
> 
> I run dbcheck --cross-ncs --fix,  and tried the same operation on all 
> the other DCs.
> 
> I even tried to join a new DC, hoping that replication will repair
> the database  but i had exactly the same error with this new one.
> 
> 
> Samba Version is 4.20.0, and it is running with internal DNS.
> 
> Apart from that, AD is working correctly, it can be read and write 
> without problems. I can add or remove records to existing zones too.
> 
> with ldbadd I was able to create new reverse zones, from manually 
> modified ldif files.  then I was able to modify @ records, add PTR,
> etc...
> 

I seem to vaguely remember this, but I will need reminding of the
details.
In the mean time, if you are still using 4.20.0 , then can I suggest
you upgrade, there have been quite a few changes in the code area that
you are hitting.

Rowland
 




More information about the samba mailing list