Flush "Old IPs"?

Hi,

I have found two minor issues on my DNS / AD I would like to solve:

The symptom - My Synology NAS (RS 819, Version 7) is bound as EBB-S08 to my domain. During the Domain Test, it checks for DNS, Network, Domain Service and Domain functionality; the test reports two errors:

  1. a Kerberos service @xx.yy.zz.205 is not found
  2. a host name on xx.yy.zz.221 conflicts with xx.yy.zz.18

Root cause:
1.) Some months ago, I installed Zentyal as a secondary domain controller. It crashed, so I was not able to remove it from the domain. I tried to do this via some commands on ndsc.ad.mydomain.tld (rooting into the nethserver AD sub-IP). I do not remember exactly what I did, but obviously, it was not in-depth.
Q1: Does anybody have an idea of how I may clean this?
A2: I was able to set the DC IP/FQDN at the Synology to xx.yy.zz.13 (which is ndsc.ad.mydomain.tld). This removes the error, but I am not sure if the Nethserver still has some relics.

2.) xx.yy.zz.221 was the initial IP of the Synology before I changed it. The change was now to xx.yy.zz.18 and xx.yy.zz.19, which I subsequently bonded to LACP on xx.yy.zz.18.
xx.yy.zz.221 is definitely not online / existing.
Q2: How may I get rid of these ghosts (if any)?

My only domain is the Nethserver at xx.yy.zz.12 and .13 (respectively for ndsc.ad.mydomain.tld).

I may use / have installed LDAPadmin on Windows as well as phpmyadmin.

I hope someone can help / has an idea to investigate. Especially I would like to get rid of the Zentyal ghosts on xx.yy.zz.205.

THX
Thorsten

NethServer Version: ?
Module: 7.9.2009 (final)

Sorry, solved it… I simply “re-joined” the domain from within the Synology … obviously no ghosts within Nethserver …

1 Like

Hi @thorsten

I’d suggest using PHPLDAPAdmin (From NethServer Modules) to check and clean what’s in your AD, including any rest / leftover from your Zentyal adventure…

My 2 cents
Andy

Hi @Andy_Wismer

I am absolutely not experienced with AD / LDAP. Any proposals / ideas on what I should look for within phpmyadmin?

THX
Thorsten

Hi

Removed / replaced Servers, PCs
Incorrect or replaced DNS entries (AD includes DNS…).
Zombie users (rare on NethServer AD).

If there are incomplete records, NethServer may not show these objects in Cockpit, but they still exist (partially). These can lead to issues…
If you see such “leftovers”, you can safely remove them, like e.g. your Zentyal “adventure”…

My 2 cents
Andy

Found a lot of old entries … especially from old Windows 7 PCs bound to the domain (which are not existent anymore). Path was:

DC=DomainDnsZones
CN=MicrosoftDNS
DC=ad.mydomain.tld
DC= … (e.g. my old Laptop name or “zentyal” …)

I used ldapadmin to remove all - obviously without problems.

1 Like
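
The path in the last post is written top-down; in a DN the same components appear in reverse order. As an added example (not part of the thread), this Python script lists DNS node names from an LDIF export of that zone container that are missing from a list of known live hosts, so they can be reviewed before deletion. The base DN `DC=ad,DC=mydomain,DC=tld`, the node names `old-laptop` and `win7-pc`, and the `LIVE_HOSTS` inventory are constructed assumptions.

```python
import base64
import re

# Assumed base DN, derived from the zone name ad.mydomain.tld used in the thread.
ZONE_DN = "DC=ad.mydomain.tld,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=mydomain,DC=tld"

# Constructed sample export: the zone object, its child nodes, one folded DN.
NODES = ["@", "_kerberos._tcp", "ndsc", "EBB-S08", "zentyal", "old-laptop"]
SAMPLE_LDIF = f"dn: {ZONE_DN}\nobjectClass: dnsZone\n\n" + "".join(
    f"dn: DC={n},{ZONE_DN}\nobjectClass: dnsNode\n\n" for n in NODES
) + ("dn: DC=win7-pc,DC=ad.mydomain.tld,\n"
     " CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=mydomain,DC=tld\n"
     "objectClass: dnsNode\n")

# Constructed inventory of hosts known to be alive (the DC and the NAS).
LIVE_HOSTS = {"ndsc", "ebb-s08"}


def iter_dns(ldif):
    """Yield each entry's DN, undoing LDIF line folding and base64 ('dn::')."""
    unfolded = re.sub(r"\r?\n ", "", ldif)
    for line in unfolded.splitlines():
        if line.startswith("dn:: "):
            yield base64.b64decode(line[5:]).decode("utf-8")
        elif line.startswith("dn: "):
            yield line[4:].strip()


def stale_candidates(ldif, zone_dn, live_hosts):
    """Return node names directly under zone_dn that are not in live_hosts."""
    suffix = "," + zone_dn.lower()
    live = {h.lower() for h in live_hosts}
    found = []
    for dn in iter_dns(ldif):
        if not dn.lower().endswith(suffix):
            continue  # the zone object itself, or an entry of another zone
        rdn = dn[: -len(suffix)]
        if "," in rdn or not rdn.lower().startswith("dc="):
            continue  # not a direct child node of the zone
        name = rdn[3:]
        if name == "@" or any(p.startswith("_") for p in name.split(".")):
            continue  # zone apex and service (SRV) names: review separately
        if name.lower() not in live:
            found.append(name)
    return sorted(found)


if __name__ == "__main__":
    for name in stale_candidates(SAMPLE_LDIF, ZONE_DN, LIVE_HOSTS):
        print(f"review before deleting: DC={name},{ZONE_DN}")
```

The output is a review list only: infrastructure names that are not hosts (for example the domain controller's own service records) are skipped or must be added to the inventory before anything is removed.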