Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Hey guys, Just wanted to update this thread, I upgrade my samba installation to 4.1 and updated SOA record. Now dynamic DNS works fine for me!! Thanks for implementing the feature!!! Cheers!! 2013/8/9 Rustam K. rkovh...@gmail.com I thought I would update this email thread. So far editing the records via ADSI messes up ldb database, if you do that zones won't load anymore, just like Dmitry stated in his first email. I had to revert to a snapshot to get samba back, up and running. I am curious If I have to modify record manually via ldbmodify(ldbedit), would it understand hex/binary? because when I run ldbedit it shows me nothing compared to hex in my previous email, what is this format? # record 50 dn: DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local objectClass: top objectClass: dnsNode . (cut) dnsRecord:: BAABAAXwAAB6AAADhAAAwKj6Aw== dnsRecord:: BAABAAXwAABuAAACWAAAwKj6Bg== dnsRecord:: GwACAAXwAAB6AAAjKzcAGQMHc3J2LXdpbglvZmZpY2VuZXQFbG9jYW wA dnsRecord:: GgACAAXwAACGAAADhAArtw0IGAMGYWxmYWRjCW9mZmljZW5ldAVsb2NhbA A= dnsRecord:: TgAGAAXwAAC9AAAYMDcAvQAAA4QAAAJYAAFRgAAaAwhzcn YtYWxmYQlvZmZpY2VuZXQFbG9jYWwAHAMKaG9zdG1hc3RlcglvZmZpY2VuZXQFbG9jYWwA Cheers 2013/8/9 Rustam K. rkovh...@gmail.com Hi, thanks for the follow up. I found the SOA record via ADSI edit : DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local DC=@,DC=_msdcs.officenet.local,CN=MicrosoftDNS,DC=ForestDnsZones,DC=officenet,DC=local there are two of them,and every one of them has attribute dnsRecord which is in hex, and it has string srv-alfa (apart from hostmaster email ttl etc) which I need to change to alfadc 4E 00 06 00 05 F0 00 00 BE 00 00 00 00 00 00 00 00 00 00 00 1C 30 37 00 00 00 00 BE 00 00 03 84 00 00 02 58 00 01 51 80 00 00 00 00 1A 03 08 73 72 76 2D 61 6C 66 61 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 1C 03 0A 68 6F 73 74 6D 61 73 74 65 72 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 This is where I am headed, and I'll try not to screw it up. Cheers 2013/8/9 Nico Kadel-Garcia nka...@gmail.com On Thu, Aug 8, 2013 at 4:14 AM, Kai Blin k...@samba.org wrote: On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai Rustam, I do hope that if you're manipulating your SOA directly, that you've actually looked up the guidelines for manipulating them? Just so you don't get surprised by things like the wraparound values for the serial numbers, or what reasonable values are for TTL's. -- Rustam -- Rustam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Hi, guys... What line command for modify SOA record? Thanks! Jacó Ramos 2013/10/14 Rustam K. rkovh...@gmail.com Hey guys, Just wanted to update this thread, I upgrade my samba installation to 4.1 and updated SOA record. Now dynamic DNS works fine for me!! Thanks for implementing the feature!!! Cheers!! 2013/8/9 Rustam K. rkovh...@gmail.com I thought I would update this email thread. So far editing the records via ADSI messes up ldb database, if you do that zones won't load anymore, just like Dmitry stated in his first email. I had to revert to a snapshot to get samba back, up and running. I am curious If I have to modify record manually via ldbmodify(ldbedit), would it understand hex/binary? because when I run ldbedit it shows me nothing compared to hex in my previous email, what is this format? # record 50 dn: DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local objectClass: top objectClass: dnsNode . (cut) dnsRecord:: BAABAAXwAAB6AAADhAAAwKj6Aw== dnsRecord:: BAABAAXwAABuAAACWAAAwKj6Bg== dnsRecord:: GwACAAXwAAB6AAAjKzcAGQMHc3J2LXdpbglvZmZpY2VuZXQFbG9jYW wA dnsRecord:: GgACAAXwAACGAAADhAArtw0IGAMGYWxmYWRjCW9mZmljZW5ldAVsb2NhbA A= dnsRecord:: TgAGAAXwAAC9AAAYMDcAvQAAA4QAAAJYAAFRgAAaAwhzcn YtYWxmYQlvZmZpY2VuZXQFbG9jYWwAHAMKaG9zdG1hc3RlcglvZmZpY2VuZXQFbG9jYWwA Cheers 2013/8/9 Rustam K. rkovh...@gmail.com Hi, thanks for the follow up. I found the SOA record via ADSI edit : DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local DC=@,DC=_msdcs.officenet.local,CN=MicrosoftDNS,DC=ForestDnsZones,DC=officenet,DC=local there are two of them,and every one of them has attribute dnsRecord which is in hex, and it has string srv-alfa (apart from hostmaster email ttl etc) which I need to change to alfadc 4E 00 06 00 05 F0 00 00 BE 00 00 00 00 00 00 00 00 00 00 00 1C 30 37 00 00 00 00 BE 00 00 03 84 00 00 02 58 00 01 51 80 00 00 00 00 1A 03 08 73 72 76 2D 61 6C 66 61 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 1C 03 0A 68 6F 73 74 6D 61 73 74 65 72 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 This is where I am headed, and I'll try not to screw it up. Cheers 2013/8/9 Nico Kadel-Garcia nka...@gmail.com On Thu, Aug 8, 2013 at 4:14 AM, Kai Blin k...@samba.org wrote: On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai Rustam, I do hope that if you're manipulating your SOA directly, that you've actually looked up the guidelines for manipulating them? Just so you don't get surprised by things like the wraparound values for the serial numbers, or what reasonable values are for TTL's. -- Rustam -- Rustam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- *O homem não foi criado para ser feliz nem para vencer, mas para viver para Deus. Quando vive para Deus é feliz e vence. Isaltino Gomes * * $whoami* - Perito Forense Computacional - Pentester - Esp. em Segurança de Redes de Computadores com enfâse a Perícia Forense Computacional - FACID - Bacharel em Ciência da Computação - UESPI - Administrador de Redes de Computadores - CCNA Modulo II - Lattes: *http://lattes.cnpq.br/1591329268136905* Esta mensagem pode conter informações confidenciais e/ou privilegiadas. Se você não for o destinatário ou a pessoa autorizada a receber esta mensagem, não deve usar, copiar ou divulgar as informações nela contida ou tomar qualquer ação baseada nessas informações. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Hi, thanks for the follow up. I found the SOA record via ADSI edit : DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local DC=@,DC=_msdcs.officenet.local,CN=MicrosoftDNS,DC=ForestDnsZones,DC=officenet,DC=local there are two of them,and every one of them has attribute dnsRecord which is in hex, and it has string srv-alfa (apart from hostmaster email ttl etc) which I need to change to alfadc 4E 00 06 00 05 F0 00 00 BE 00 00 00 00 00 00 00 00 00 00 00 1C 30 37 00 00 00 00 BE 00 00 03 84 00 00 02 58 00 01 51 80 00 00 00 00 1A 03 08 73 72 76 2D 61 6C 66 61 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 1C 03 0A 68 6F 73 74 6D 61 73 74 65 72 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 This is where I am headed, and I'll try not to screw it up. Cheers 2013/8/9 Nico Kadel-Garcia nka...@gmail.com On Thu, Aug 8, 2013 at 4:14 AM, Kai Blin k...@samba.org wrote: On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai Rustam, I do hope that if you're manipulating your SOA directly, that you've actually looked up the guidelines for manipulating them? Just so you don't get surprised by things like the wraparound values for the serial numbers, or what reasonable values are for TTL's. -- Rustam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
I thought I would update this email thread. So far editing the records via ADSI messes up ldb database, if you do that zones won't load anymore, just like Dmitry stated in his first email. I had to revert to a snapshot to get samba back, up and running. I am curious If I have to modify record manually via ldbmodify(ldbedit), would it understand hex/binary? because when I run ldbedit it shows me nothing compared to hex in my previous email, what is this format? # record 50 dn: DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local objectClass: top objectClass: dnsNode . (cut) dnsRecord:: BAABAAXwAAB6AAADhAAAwKj6Aw== dnsRecord:: BAABAAXwAABuAAACWAAAwKj6Bg== dnsRecord:: GwACAAXwAAB6AAAjKzcAGQMHc3J2LXdpbglvZmZpY2VuZXQFbG9jYW wA dnsRecord:: GgACAAXwAACGAAADhAArtw0IGAMGYWxmYWRjCW9mZmljZW5ldAVsb2NhbA A= dnsRecord:: TgAGAAXwAAC9AAAYMDcAvQAAA4QAAAJYAAFRgAAaAwhzcn YtYWxmYQlvZmZpY2VuZXQFbG9jYWwAHAMKaG9zdG1hc3RlcglvZmZpY2VuZXQFbG9jYWwA Cheers 2013/8/9 Rustam K. rkovh...@gmail.com Hi, thanks for the follow up. I found the SOA record via ADSI edit : DC=@,DC=officenet.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=officenet,DC=local DC=@,DC=_msdcs.officenet.local,CN=MicrosoftDNS,DC=ForestDnsZones,DC=officenet,DC=local there are two of them,and every one of them has attribute dnsRecord which is in hex, and it has string srv-alfa (apart from hostmaster email ttl etc) which I need to change to alfadc 4E 00 06 00 05 F0 00 00 BE 00 00 00 00 00 00 00 00 00 00 00 1C 30 37 00 00 00 00 BE 00 00 03 84 00 00 02 58 00 01 51 80 00 00 00 00 1A 03 08 73 72 76 2D 61 6C 66 61 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 1C 03 0A 68 6F 73 74 6D 61 73 74 65 72 09 6F 66 66 69 63 65 6E 65 74 05 6C 6F 63 61 6C 00 This is where I am headed, and I'll try not to screw it up. Cheers 2013/8/9 Nico Kadel-Garcia nka...@gmail.com On Thu, Aug 8, 2013 at 4:14 AM, Kai Blin k...@samba.org wrote: On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai Rustam, I do hope that if you're manipulating your SOA directly, that you've actually looked up the guidelines for manipulating them? Just so you don't get surprised by things like the wraparound values for the serial numbers, or what reasonable values are for TTL's. -- Rustam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On 2013-08-07 14:56, Rustam K. wrote: Thank you for you emails. Unfortunately samba tool can't update SOA records. IIRC that was fixed recently, but you seem to be running 4.0 rc3, if I understand the email correctly. That misses a lot of bug fixes, some for DNS as well. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Cheers 2013/8/8 Kai Blin k...@samba.org On 2013-08-07 14:56, Rustam K. wrote: Thank you for you emails. Unfortunately samba tool can't update SOA records. IIRC that was fixed recently, but you seem to be running 4.0 rc3, if I understand the email correctly. That misses a lot of bug fixes, some for DNS as well. Cheers, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/**team/http://www.samba.org/samba/team/ -- Rustam -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai -- Kai Blin Worldforge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin Samba team member http://www.samba.org/samba/team/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On Thu, Aug 8, 2013 at 4:14 AM, Kai Blin k...@samba.org wrote: On 2013-08-08 10:02, Rustam K. wrote: Hello, I run samba 4.0.7, samba tool can't do the job, at least help/syntax doesn't show that I can Ah, yes. Apparently this functionality only exists in 4.1 and master, sorry. Should you try and run with that the command syntax is samba-tool dns update SOA fqdn_dns fqdn_email serial refresh retry expire minimumttl HTH, Kai Rustam, I do hope that if you're manipulating your SOA directly, that you've actually looked up the guidelines for manipulating them? Just so you don't get surprised by things like the wraparound values for the serial numbers, or what reasonable values are for TTL's. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Thank you for you emails. Unfortunately samba tool can't update SOA records. I'll stick to Dmitry's action plan Cheers 2013/8/7 Matthieu Patou m...@samba.org On 08/06/2013 02:34 PM, Rustam K. wrote: Hello, I have the very same problem, does anybody know a way? I am thinking of converting to BIND, modifying and then converting it back to Internal DNS implementation. Did you had a look at samba-tool dns update to do this ? Kai has a good experience in DNS related things in Samba I just put him in this thread just in case he has some insights. Matthieu. Hello. How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned. Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says Zone not loaded by DNS server, so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record. Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool? Thanks in advance. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
Hello, I have the very same problem, does anybody know a way? I am thinking of converting to BIND, modifying and then converting it back to Internal DNS implementation. Hello. How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned. Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says Zone not loaded by DNS server, so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record. Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool? Thanks in advance. -- Best regards, Dmitry Khromov -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned. Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says Zone not loaded by DNS server, so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record. Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool? I have the very same problem, does anybody know a way? I am thinking of converting to BIND, modifying and then converting it back to Internal DNS implementation. I doubt that will do the job. As I recall, I forged the dnsRecord manually (record's structure description could be found on the MSDN) and ldbmodify'ed the corresponding ldb on every DC (Samba should not be run). Alternatively, you may just capture the conversation between Samba and MMC snap-in - the value you need is being sent in clear text. Regards, - Dmitry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 internal DNS - how to modify SOA record
On 08/06/2013 02:34 PM, Rustam K. wrote: Hello, I have the very same problem, does anybody know a way? I am thinking of converting to BIND, modifying and then converting it back to Internal DNS implementation. Did you had a look at samba-tool dns update to do this ? Kai has a good experience in DNS related things in Samba I just put him in this thread just in case he has some insights. Matthieu. Hello. How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned. Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says Zone not loaded by DNS server, so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record. Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool? Thanks in advance. -- Matthieu Patou Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 4 internal DNS - how to modify SOA record
Hello. How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned. Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says Zone not loaded by DNS server, so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record. Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool? Thanks in advance. -- Best regards, Dmitry Khromov -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
