Bug ID 1204906
Summary Samba AD DC DNS Integration broken by upgrade from OpenSuse 15.3 to 15.4
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.4
Hardware x86-64
OS Linux
Status NEW
Severity Major
Priority P5 - None
Component Samba
Assignee samba-maintainers@SuSE.de
Reporter zombie.ryushu@zoho.com
QA Contact samba-maintainers@SuSE.de
Found By ---
Blocker --- 

I upgraded one of my "spare" AD servers with OpenSuse 15.4, and there is now a
problem that prevents Samba from starting.

2022-10-31T03:59:04.253329-04:00 serenity named[1321]: reading built-in trust
anchors from file '/etc/bind.keys'
2022-10-31T03:59:04.274549-04:00 serenity named[1321]: using default UDP/IPv4
port range: [32768, 60999]
2022-10-31T03:59:04.274649-04:00 serenity named[1321]: using default UDP/IPv6
port range: [32768, 60999]
2022-10-31T03:59:04.275865-04:00 serenity named[1321]: listening on IPv4
interface lo, 127.0.0.1#53
2022-10-31T03:59:04.276558-04:00 serenity named[1321]: listening on IPv4
interface eth0, 192.168.0.5#53
2022-10-31T03:59:04.277066-04:00 serenity named[1321]: IPv6 socket API is
incomplete; explicitly binding to each IPv6 address separately
2022-10-31T03:59:04.277116-04:00 serenity named[1321]: listening on IPv6
interface lo, ::1#53
2022-10-31T03:59:04.277574-04:00 serenity named[1321]: listening on IPv6
interface eth0, fe80::dabb:c1ff:fe0c:3533%2#53
2022-10-31T03:59:04.278268-04:00 serenity named[1321]: generating session key
for dynamic DNS
2022-10-31T03:59:04.278561-04:00 serenity named[1321]: sizing zone task pool
based on 4 zones
2022-10-31T03:59:04.805839-04:00 serenity named[1321]: Loading 'AD DNS Zone'
using driver dlopen
2022-10-31T03:59:10.474329-04:00 serenity named[1321]: samba_dlz: started for
DN DC=pukey
2022-10-31T03:59:10.474414-04:00 serenity named[1321]: samba_dlz: starting
configure
2022-10-31T03:59:10.485811-04:00 serenity named[1321]: dns_rdata_fromtext:
buffer-0x7f55ed0a35c0:1: near 'serenity..': empty label
2022-10-31T03:59:10.485914-04:00 serenity named[1321]: Failed to put rr
2022-10-31T03:59:10.485978-04:00 serenity named[1321]: zone pukey/NONE: could
not find NS and/or SOA records
2022-10-31T03:59:10.486061-04:00 serenity named[1321]: zone pukey/NONE: has 0
SOA records
2022-10-31T03:59:10.486127-04:00 serenity named[1321]: zone pukey/NONE: has no
NS records
2022-10-31T03:59:10.486182-04:00 serenity named[1321]: samba_dlz: Failed to
configure zone 'pukey'
2022-10-31T03:59:10.506557-04:00 serenity named[1321]: loading configuration:
bad zone
2022-10-31T03:59:10.506665-04:00 serenity named[1321]: exiting (due to fatal
error)

Samba iteslf still works. version of Samba between 15.3 and 15.4 isn't any
different, but the version of Bind is:

samba-4.15.8+git.527.8d0c05d313e-150400.3.14.1.x86_64

Debugging Reveals the following:

I got another clue. What secrets file is it referring towhen it says:

1-Oct-2022 14:42:31.146 samba_dlz: ldb: No encrypted secrets key file. Secret
attributes will not be encrypted or decrypted
31-Oct-2022 14:42:31.146 samba_dlz:
31-Oct-2022 14:42:31.198 samba_dlz: started for DN DC=pukey
31-Oct-2022 14:42:31.198 samba_dlz: starting configure
31-Oct-2022 14:42:31.202 dns_rdata_fromtext: buffer-0x7f1c3fa915c0:1: near
'serenity..': empty label
31-Oct-2022 14:42:31.202 Failed to put rr

You are receiving this mail because: