ForestDnsZones partition and TrustAnchors zone problem
Samuel Cabrero
scabrero at zentyal.com
Mon Oct 1 16:35:58 MDT 2012
Hi,
I have found a problem related to the ForestDnsZones partition
replication when using BIND9_DLZ as backend in samba4 rc1.
If the "TrustAnchors" zone exists on the Windows server, it is
replicated to samba4 and the named daemon exits with the following error
when trying to load it:
named[10704]: samba_dlz: Failed to configure zone '..TrustAnchors'
named[10704]: loading configuration: empty label
named[10704]: exiting (due to fatal error)
As soon as the zone is deleted on the Windows server (dnscmd /zonedelete
TrustAnchors /DsDel) and the change is replicated to samba, named starts
without problems.
This issue is more annoying than it seems because this TrustAnchors zone
is automatically created each time the server properties window is
opened in the Windows DNS management tool. If you right-click on the
server name and select Properties, then select the Trust Anchors tab and
click the OK button without making any changes, the zone is created again,
replicated to samba4 and the problem is back.
I don't know if it is related, but the zone has two dots prepended to
the name when replicated to samba:
root@s4dc1:/home/zen# samba-tool dns zonelist s4dc1.kernevil.lan
3 zone(s) found

pszZoneName : kernevil.lan
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.kernevil.lan

pszZoneName : _msdcs.kernevil.lan
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.kernevil.lan

pszZoneName : ..TrustAnchors
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.kernevil.lan

root@s4dc1:/home/zen# samba-tool dns zonelist windc1.kernevil.lan
3 zone(s) found

pszZoneName : _msdcs.kernevil.lan
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.kernevil.lan

pszZoneName : kernevil.lan
Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : DomainDnsZones.kernevil.lan

pszZoneName : TrustAnchors
Flags : DNS_RPC_ZONE_DSINTEGRATED
ZoneType : DNS_ZONE_TYPE_PRIMARY
Version : 50
dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
pszDpFqdn : ForestDnsZones.kernevil.lan

I would be happy to provide as much debug info as you need to help to
solve this issue.
Cheers.
--
Samuel Cabrero - Developer
scabrero at zentyal.com
The Linux small business server
www.zentyal.com
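
Added example, not part of the original post and not Samba code: a Python check that parses `samba-tool dns zonelist` output in the layout shown above and reports zone names containing an empty label, the condition that named's "empty label" error refers to. The sample text is constructed from the listing in the post, and the function names are hypothetical.

```python
import re

# Constructed sample: abridged zonelist output in the layout shown in the post.
SAMPLE = """\
3 zone(s) found
pszZoneName : kernevil.lan
Flags : DNS_RPC_ZONE_DSINTEGRATED
DNS_RPC_ZONE_UPDATE_SECURE
pszDpFqdn : DomainDnsZones.kernevil.lan
pszZoneName : _msdcs.kernevil.lan
pszDpFqdn : ForestDnsZones.kernevil.lan
pszZoneName : ..TrustAnchors
pszDpFqdn : ForestDnsZones.kernevil.lan
"""

FIELD = re.compile(r"^\s*(\w+)\s*:\s*(.*)$")

def parse_zonelist(text):
    """Return one dict per zone; a new record starts at each pszZoneName."""
    zones = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # count header or a wrapped flag continuation line
        key, value = m.group(1), m.group(2).strip()
        if key == "pszZoneName":
            zones.append({})
        if zones:
            zones[-1][key] = value
    return zones

def empty_labels(name):
    """Indexes of empty labels in a DNS name; one trailing dot (root) is valid."""
    if name == ".":
        return []
    labels = name.split(".")
    if len(labels) > 1 and labels[-1] == "":
        labels.pop()  # drop the root label of a fully qualified name
    return [i for i, label in enumerate(labels) if label == ""]

def unloadable_zones(text):
    """Zone names that contain an empty label and so cannot be valid DNS names."""
    return [z["pszZoneName"] for z in parse_zonelist(text)
            if empty_labels(z.get("pszZoneName", ""))]

if __name__ == "__main__":
    for name in unloadable_zones(SAMPLE):
        print(f"zone {name!r} contains an empty label")
```
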