Web lists-archives.com

Re: [Samba] Some strange errors in logs




Samba - General mailing list wrote
> On Fri, 10 Nov 2017 02:55:44 -0700 (MST)
> Mariusz80 via samba <

> samba@.samba

> > wrote:
> 
>> Hello there. 
>> I need consultation and any advice about my log file.
>> 
>> I have some strange errors in my log file about "invalid zone
>> operation" and "pad length mismatch. Calculated 44  got 0" on my DC1
>> and DC2 samba Version 4.5.12-Debian
>> smb.conf:
>> [global]
>>         workgroup = !!!
>>         realm = !!!
>>         netbios name = !!!
>>         server role = active directory domain controller
>>         server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>> drepl, winbindd, ntp_signd, kcc, dnsupdate
>>         idmap_ldb:use rfc2307 = yes
>> 
>> load printers = no
>> printing = bsd
>> printcap name = /dev/null
>> disable spoolss = yes
>> 
>> log level = 1
>> max log size = 1000
>> log file = /var/log/samba/%m.log
>> 
>> lm announce = no
>> client lanman auth = no
>> 
>> ntlm auth = yes
>> lanman auth = no
>> client ntlmv2 auth = yes
>> 
>> [netlogon]
>>         path = /var/lib/samba/sysvol/dfm.biz.pl/scripts
>>         read only = No
>> 
>> [sysvol]
>>         path = /var/lib/samba/sysvol
>>         read only = No
>> 
>> Sample log:
>> [2017/11/09 11:22:46.190213,  0]
>> ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1085(dnsserver_query_zone)
>>   dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone
>> operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver:
>> Invalid zone operation IsSigneddnsserver: Invalid zone operation
>> IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Invalid
>> zone operation IsSigneddnsserver: Invalid zone operation
>> IsSigneddnsserver: Invalid zone operation IsSigneddnsserver: Invalid
>> zone operation IsSigned../librpc/rpc/dcerpc_util.c:227: ERROR: pad
>> length mismatch. Calculated 44  got 0
>> [2017/11/09 12:11:58.968226,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/09 12:28:13.768393,  0]
>> ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1085(dnsserver_query_zone)
>>   dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone
>> operation IsSigned../librpc/rpc/dcerpc_util.c:227: ERROR: pad length
>> mismatch. Calculated 44  got 0
>> [2017/11/09 14:54:39.320660,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/09 15:02:11.878768,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/09 15:04:38.500247,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/09 15:28:39.928914,  0]
>> ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1085(dnsserver_query_zone)
>>   dnsserver: Invalid zone operation IsSigneddnsserver: Invalid zone
>> operation IsSigneddnsserver: Invalid zone operation IsSigneddnsserver:
>> Invalid zone operation IsSigned../librpc/rpc/dcerpc_util.c:227:
>> ERROR: pad length mismatch. Calculated 44  got 0
>> [2017/11/09 16:05:31.014135,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/09 21:53:03.428512,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 06:58:00.225241,  1]
>> ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
>>   Doing a full scan on DC=ForestDnsZones,DC=dfm,DC=biz,DC=pl and
>> looking for deleted objects
>> [2017/11/10 06:58:00.228111,  1]
>> ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
>>   Doing a full scan on DC=DomainDnsZones,DC=dfm,DC=biz,DC=pl and
>> looking for deleted objects
>> [2017/11/10 06:58:00.236321,  1]
>> ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
>>   Doing a full scan on CN=Configuration,DC=dfm,DC=biz,DC=pl and
>> looking for deleted objects
>> [2017/11/10 06:58:00.287988,  1]
>> ../source4/dsdb/kcc/garbage_collect_tombstones.c:68(garbage_collect_tombstones_part)
>>   Doing a full scan on DC=dfm,DC=biz,DC=pl and looking for deleted
>> objects [2017/11/10 07:59:55.958736,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 08:07:18.247157,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 08:18:51.026675,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 08:18:51.026990,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 09:26:40.073870,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 09:26:40.074160,  1]
>> ../librpc/rpc/dcerpc_util.c:227(dcerpc_pull_auth_trailer)
>>   ../librpc/rpc/dcerpc_util.c:227: ERROR: pad length mismatch.
>> Calculated 44 got 0
>> [2017/11/10 09:46:51.945841,  0]
>> ../source4/rpc_server/dnsserver/dcerpc_dnsserver.c:1085(dnsserver_query_zone)
>> 
>> I have also strange thing with SOA record. It is changing onself to
>> DC2 and later during the day or next day back to DC1. Is it normal
>> behaviour ? What do you think about that ?
>> ---
>> Mariusz
>> Thanks
>> 
>> 
>> 
>> --
>> Sent from:
>> http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html
>> 
> 
> Can you post all your BIND named.conf files
> 
> Rowland
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba


Of course, here they are:
/etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

/etc/bind/named.conf.default-zones
// prime the server with knowledge of the root servers
zone "." {
	type hint;
	file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
	type master;
	file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
	type master;
	file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
	type master;
	file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
	type master;
	file "/etc/bind/db.255";
};

/etc/bind/named.conf.local
include "/var/lib/samba/private/named.conf";

/etc/bind/named.conf.options
options {
        directory "/var/cache/bind";
        allow-query { any; };
        forwarders { 10.10.10.2; };
        allow-recursion { any; };
        dnssec-validation no;
        dnssec-enable no;
        listen-on-v6 { none; };
         listen-on port 53 { any; };
        tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
#auth-nxdomain no;
};

------------
Thanks
Mariusz




--
Sent from: http://samba.2283325.n4.nabble.com/Samba-General-f2403709.html

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba