Two entries on AAA dns.. how to fix it?

Hello Everyone,

Making an nslookup for a hostname.domainsuffix, I get two entries; one is wrong.
On the Windows side I got it right:

image

image

Where can I fix this? Thanks

@trogloraspa

Hi

I’m only seeing screenshots of some Windows dialog box. What does this have to do with NethServer?
You do not even mention NethServer in your post…

No mention of what server is running DNS, but seems to be Windows from your screenshots.

You might try Microsoft Support if you have a Windows Problem… (Looks like, seeing you use a .local Domain like most Windows Users…).

If it IS on NethServer, then check this forum for DNSmasq, as that’s what provides the DNS in NethServer. Most likely you made a typo and it got stuck in the configs somewhere…

My 2 cents
Andy

2 Likes

Hi,

Thanks for stopping by; I’m sorry: I know so little about Linux and NethServer that I assumed my problem was so common that it didn’t need any more specifics. Yes, you see correctly: a little screenshot of the Microsoft DNS Manager on Windows 10 (dnsmgmt.msc), a tool to manage hostnames (AAA and not only) in a Windows local domain.

My NethServer is the main DC in this domain, and I use it to manage DNS for the clients in my network too. Unfortunately, the only way I was able to resolve hostnames without “dot.something” (real host names, mostly machines hosting production DBs without a domain name) was using the suffix provided automatically by the local domain (this was actually part of my first post in the community; this is the second…).

Apparently, to manage the Windows DC provided by the NethServer, a Domain Administrator can use Windows tools like dssite.msc, dsa.msc … gpedit.msc on the Windows side… In this way I manage users and policy, and I’ve described lots of hostnames, like I need it, and everything worked just fine until I had to modify an entry. So I deleted it, but the first setting, the first IP address associated with that entry, is still there. The second screenshot is from the web terminal in my NethServer Cockpit, and there, as you can see, I got 2 addresses for that single entry.

How can I get rid of the first IP address? How can I solve this little incompatibility? Maybe there is another way to manage policy and hostnames, like I need it, without using Windows tools?

I am very enthusiastic about NethServer; it is a solid answer and very powerful, and every day I have the occasion to enlarge my Linux dictionary and knowledge… but I’m still very new to all this, and about my issues I have found poor information.

About your suggestion about DNSmasq: well, I have found zero info about how to manage hostnames like I need it (I found no proper way to use words here; hostname and domain name are not synonyms). I think that the restriction that a hostname has to be like a domain name, like I need it, is too strict: a hostname can be simply a machine. Is there a chance it is more of a Samba-related issue?

Thanks for reading. Cheers

@trogloraspa

Hi Stefano

Am I correct in assuming you’re from Italy? I’m in Switzerland, and as most Swiss, I like to visit Italy once in a while! (Damn Corona!).

To manage NethServer and DNS, you can use the built in DNS Tool in Cockpit (Port 9090). To remove Hosts from AD, use Stephdl’s PHPLDAPadmin tool, from here:

https://wiki.nethserver.org/doku.php?id=phpldapadmin

Note: You will need to activate “Kamikaze” mode!

To clean out the AAA entry, try here:
nano /var/lib/nethserver/db/hosts
(I use nano as editor…)

Nano Quick tips:

Search: CTRL-w
Save & quit: CTRL-x y

Hostname / FQDN (Fully qualified domain name):

Even Windows has always differentiated between a simple hostname (With the stupid restriction of 15 CHR$ length) and a FQDN (Always also includes the hostname at left…).

If you only need a Hostname, just add in the standard domain (In your case .local) - that’s what Windows also does… Simple enough! :slight_smile:

You CAN use most Windows Tools to administrate AD in NethServer. Best bet is RSAT, that works very well and is quite compatible, at least for users and groups. Group Policies work well.
Example: RSAT AD / Forest tools won’t work, as that isn’t supported in NethServer…

My 2 cents
Andy

Hi Andy,

Thanks for the reply. Unfortunately, the AAA entries you suggest under the path /var/lib/nethserver/db/hosts are all the same as the ones I already manage through the web interface for DNS management in Cockpit, as you mentioned, on port :9090.

I’m referring to the ones that it is possible to add directly from the RSAT DNS Manager (dnsmgmt.msc).
There I’ve described tens of hostnames, all working as needed, and none of these shows up in the hosts provided in the /var/lib/nethserver/db/hosts path, so I wonder where I can find these entries on the NethServer side…

You guessed right! I’ve been in outstanding Switzerland twice, but from Sicily it is a bit far away! :slight_smile:

Thanks for reading

@trogloraspa

Morning Stefano

Sicily is a beautiful Island, been there on Vacation. (Catania & Palermo). I do like the south of Sicily!
I do have several good friends from Sicily living here in Switzerland.

Probably these exist only on the Windows side, you may need to check if the names / IP show up in the PHPLDAPadmin tool (Under hosts)…

If only on Windows, it’s probably only a cached value, but how to remove it?

Check using the same tool on another PC, also logged in with AD admin. If it only shows up on one PC, then it’s not in the AD…

My 2 cents
Andy

Thanks for the prompt reply. Let me tell you that since I managed these hosts, every client on the net can resolve them even if my computer is off… This suggests to me that it’s something linked to the DNS Server function carried out by the NethServer more than something cached. I’ve restarted the services and the NethServer too many times… no luck with it.

I’ll give the PHPLDAPadmin tool you suggest a try, and I’ll let you know how it ends.

Etna is really giving a lot to wipe out recently :open_mouth:

Thanks for reading

@trogloraspa

At the moment, the Etna is probably the greatest CO2 sinner in Sicily… :slight_smile:

Do the other clients also see the two IP addresses?
And which one gets resolved?

Yes (the nslookup screenshot is from the NethServer terminal).

The first one, .191; that’s the bad one to evade.

cheers

1 Like

@trogloraspa

Hi

Look in LDAP under CN=System

CN=Microsoft DNS…

:slight_smile:

As I have no entries from MS Tools, mine is empty besides for the Root DNS…

2 Likes

Hi Andy, your help has indeed given a solution:

I was unable to proceed with PHPAdminLdap, since the repository link seems not to be working.
So I proceeded using a tool on the Windows side, and yes! I was able to fix it…

Many thanks

2 Likes

@trogloraspa

I think our Coder-Genius Stephdl has issues with the Repo since the Strasbourg Big Fire… :frowning:

Mostly, it works, but some get an older cached IP…

My 2 cents
Andy

1 Like
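
A read-only check for the symptom in this thread (one name answering with a stale extra address), added here as an example and not code from any poster or from NethServer: it parses `nslookup` output in both the Linux and the Windows layout and lists every answered address that is missing from your own inventory. The host name, the full addresses around the `.191` suffix and the `EXPECTED` inventory are constructed sample values.

```python
import ipaddress
from collections import defaultdict

# Constructed samples: Linux-style and Windows-style nslookup answers.
LINUX_SAMPLE = ("Server:\t\t192.168.1.1\nAddress:\t192.168.1.1#53\n\n"
                "Name:\tdbhost.example.local\nAddress: 192.168.1.191\n"
                "Name:\tdbhost.example.local\nAddress: 192.168.1.50\n")
WINDOWS_SAMPLE = ("Server:  dc.example.local\nAddress:  192.168.1.1\n\n"
                  "Name:    dbhost.example.local\n"
                  "Addresses:  192.168.1.191\n          192.168.1.50\n")
# Constructed inventory: the only address each name is supposed to have.
EXPECTED = {"dbhost.example.local": ["192.168.1.50"]}


def _ip(token):
    """Return the normalised IP address, or None if token is not one."""
    try:
        return str(ipaddress.ip_address(token))
    except ValueError:
        return None


def parse_nslookup(text):
    """Map each answered name to its addresses, ignoring the resolver header."""
    records, name = defaultdict(list), None
    for raw in text.splitlines():
        line = raw.strip()
        key, sep, value = line.partition(":")
        if sep and key.lower() == "name":
            name = value.strip().lower().rstrip(".")
            continue
        if name is None:
            continue  # "Server:" / "Address:" of the resolver itself
        labelled = sep and key.lower() in ("address", "addresses")
        addr = _ip(value.strip() if labelled else line)  # bare continuation lines too
        if addr and addr not in records[name]:
            records[name].append(addr)
    return records


def stale_records(records, expected):
    """Return {name: [addresses answered by DNS but absent from the inventory]}."""
    findings = {}
    for name, addrs in records.items():
        allowed = {_ip(a) for a in expected.get(name, [])}
        extra = [a for a in addrs if a not in allowed]
        if extra:
            findings[name] = extra
    return findings
```

Feed it the captured output of `nslookup` run against the DC for each name in the inventory; a non-empty result is a record to look for in the zone data.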