[Samba] DNS reverse zones creation locked down.
Rowland Penny
rpenny at samba.org
Fri Nov 22 10:29:39 UTC 2024
On Thu, 21 Nov 2024 15:09:49 +0100
denis bonnenfant--- via samba <samba at lists.samba.org> wrote:
> Hello, I'm resending my old message, as despite of lots of tests and
> checks, I still have the same problem.
>
> I'm facing a big problem with my Samba AD configuration :
>
> When trying to create a new reverse DNS zone on a DC, it fails with
> error :
>
>
> root at se4ad2:~# samba-tool dns zonecreate se4ad2
> 54.19.172.in-addr.arpa -Uadmin
> Password for [XXXXX\admin]:
> ERROR(runtime): uncaught exception - (1383, 'WERR_INTERNAL_DB_ERROR')
> File "/usr/lib/python3/dist-packages/samba/netcmd/__init__.py",
> line 285, in _run
> return self.run(*args, **kwargs)
> ^^^^^^^^^^^^^^^^^^^^^^^^^
> File "/usr/lib/python3/dist-packages/samba/netcmd/dns.py", line
> 973, in run
> dns_conn.DnssrvOperation2(client_version, 0, server, None,
> File "/usr/lib/python3/dist-packages/samba/netcmd/dns.py", line
> 119, in f
> return attr(*args)
> ^^^^^^^^^^^
>
> Same kind of error using ADSI DNS console, and with other Domain
> Admin accounts.
>
> I run dbcheck --cross-ncs --fix, and tried the same operation on all
> the other DCs.
>
> I even tried to join a new DC, hoping that replication will repair
> the database but i had exactly the same error with this new one.
>
>
> Samba Version is 4.20.0, and it is running with internal DNS.
>
> Apart from that, AD is working correctly, it can be read and write
> without problems. I can add or remove records to existing zones too.
>
> with ldbadd I was able to create new reverse zones, from manually
> modified ldif files. then I was able to modify @ records, add PTR,
> etc...
>
I seem to vaguely remember this, but I will need reminding of the
details.
In the mean time, if you are still using 4.20.0 , then can I suggest
you upgrade, there have been quite a few changes in the code area that
you are hitting.
Rowland
More information about the samba
mailing list