[Samba] Stray DC A record in DNS

[martin f krafft]

Hi Rowland,

Thank you for your response and help!

Regarding the following, written by "Rowland Penny via samba" on 2025-11-27 at 13:10 Uhr +0000:
>ldbsearch --cross-ncs --show-binary -H /var/lib/samba/private/sam.ldb > full.ldif
>
>Then search in full.ldif for your ipaddress, it may be there multiple
>times.

I've run this command, but the
result does *not* contain the sought IP address at all, not one single
time.

>If you did find the ipaddress in the bind9 config files, I would then
>suggest you correct the files. Samba uses bind_dlz to connect Bind9 to
>the dns records in AD, there shouldn't be any AD dns records in the
>bind9 files.

Right, I understand and there is nothing AD-related in `/etc/bind`.

So it's not in `/etc/bind` and apparently not in `/var/lib/samba`. It's
not in `/var/cache/bind` and not in `/var/lib/bind`.

Where else can I look and remove this IP address from DNS?

I've run `named -d 255` in the hope to get some more information, but
all that is logged for a `dig` request is:

```
client @0x770b8e77c898 192.168.235.1#52095: UDP request
client @0x770b8e77c898 192.168.235.1#52095: using view '_default'
client @0x770b8e77c898 192.168.235.1#52095: request is not signed
client @0x770b8e77c898 192.168.235.1#52095: recursion available
client @0x770b8e77c898 192.168.235.1#52095 (dc01.samba-ad.example.org): query 'dc01.samba-ad.example.org/A/IN' approved
client @0x770b8e77c898 192.168.235.1#52095 (dc01.samba-ad.example.org): rrl=(nil), HAVECOOKIE=0, result=ISC_R_SUCCESS, fname=0x770b9366e780(1), is_zone=1, RECURSIONOK=1, query.rpz_st=0x770b8e748800(0), RRL_CHECKED=0
client @0x770b8e77c898 192.168.235.1#52095 (dc01.samba-ad.example.org): reset client
```

I remain quite puzzled.

-- 
martin krafft | https://matrix.to/#/#madduck:madduck.net
  
don't hate yourself in the morning -- sleep till noon.
{: .blockquote }
  
spamtraps: madduck.bogus at madduck.net
{: .hidden }