Ich habe inzwischen festgestellt, dass die Neuerstellung der Zone auch einen Neustart des UCS nicht “überlebt”.
Hier eine Sammlung der diversen erbetenen Ausgaben:
Vorher (Zone funktioniert):
[code]root@ucs-01:~# rndc flush
root@ucs-01:~# host sub.meinetollefirma.de localhost
udm dns/forward_zone list
udm dns/alias list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
udm dns/host_record list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
sub.meinetollefirma.de is an alias for edvs-sub.xxxxxx.intranet.
edvs-sub.xxxxxx.intranet has address 192.168.192.21
root@ucs-01:~# udm dns/forward_zone list
dig sub.meinetollefirma.de @localhost +trace
dig sub.meinetollefirma.de @localhost
univention-s4search dc=sub
DN: zoneName=xxxxxx.intranet,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 39
a: 192.168.192.25
retry: 2 hours
zone: xxxxxx.intranet
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
DN: zoneName=ip,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 3
retry: 2 hours
zone: ip
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
DN: zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 4
a: 85.134.17.87
retry: 2 hours
zone: meinetollefirma.de
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
root@ucs-01:~# udm dns/alias list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
DN: relativeDomainName=sub,zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
cname: edvs-sub.xxxxxx.intranet.
name: sub
zonettl: 3 hours
root@ucs-01:~# udm dns/host_record list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
DN: relativeDomainName=www,zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
a: 85.134.17.87
name: www
zonettl: 3 hours
root@ucs-01:~# dig sub.meinetollefirma.de @localhost +trace
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> sub.meinetollefirma.de @localhost +trace
;; global options: +cmd
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
;; Received 228 bytes from ::1#53(::1) in 549 ms
de. 172800 IN NS n.de.net.
de. 172800 IN NS z.nic.de.
de. 172800 IN NS l.de.net.
de. 172800 IN NS s.de.net.
de. 172800 IN NS f.nic.de.
de. 172800 IN NS a.nic.de.
;; Received 357 bytes from 192.228.79.201#53(192.228.79.201) in 213 ms
meinetollefirma.de. 86400 IN NS ns5.kasserver.com.
meinetollefirma.de. 86400 IN NS ns6.kasserver.com.
;; Received 92 bytes from 194.146.107.6#53(194.146.107.6) in 48 ms
sub.meinetollefirma.de. 7200 IN A 87.128.103.82
meinetollefirma.de. 7200 IN NS ns5.kasserver.com.
meinetollefirma.de. 7200 IN NS ns6.kasserver.com.
;; Received 140 bytes from 85.13.159.101#53(85.13.159.101) in 51 ms
root@ucs-01:~# dig sub.meinetollefirma.de @localhost
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> sub.meinetollefirma.de @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8006
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;sub.meinetollefirma.de. IN A
;; ANSWER SECTION:
sub.meinetollefirma.de. 3600 IN CNAME edvs-sub.xxxxxx.intranet.
edvs-sub.xxxxxx.intranet. 900 IN A 192.168.192.21
;; AUTHORITY SECTION:
xxxxxx.intranet. 900 IN NS ucs-01.xxxxxx.intranet.
;; ADDITIONAL SECTION:
ucs-01.xxxxxx.intranet. 900 IN A 192.168.192.25
;; Query time: 3 msec
;; SERVER: ::1#53(::1)
;; WHEN: Thu Sep 3 09:53:28 2015
;; MSG SIZE rcvd: 146
root@ucs-01:~# univention-s4search dc=sub
WARNING: No path in service IPC$ - making it unavailable!
NOTE: Service IPC$ is flagged unavailable.
record 1
dn: DC=sub,DC=meinetollefirma.de,CN=MicrosoftDNS,CN=System,DC=xxxxxx,DC=intranet
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20150903074728.0Z
whenChanged: 20150903074728.0Z
uSNCreated: 4402
uSNChanged: 4402
showInAdvancedViewOnly: TRUE
name: sub
objectGUID: c344a345-3565-4c80-b24d-94846d5b57d5
dnsRecord:: KAAFAAUAAAABAAAAAAAOEAAAAAAAAAAAJgMNZWR2cy1vd25jbG91ZA1lZHYtc2VsaW
dtYW5uCGludHJhbmV0AA==
objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=xxxxxx,DC=int
ranet
dc: sub
distinguishedName: DC=sub,DC=meinetollefirma.de,CN=MicrosoftDNS,CN=System,D
C=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/CN=Configuration,DC=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/DC=DomainDnsZones,DC=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/DC=ForestDnsZones,DC=xxxxxx,DC=intranet
returned 4 records
1 entries
3 referrals
[/code]
Nachher (Zone funktioniert NICHT):
[code]root@ucs-01:~# rndc flush
host sub.meinetollefirma.de localhost
udm dns/forward_zone list
udm dns/alias list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
udm dns/host_record list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
dig sub.meinetollefirma.de @localhost +trace
dig sub.meinetollefirma.de @localhost
univention-s4search dc=sub
root@ucs-01:~# host sub.meinetollefirma.de localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
sub.meinetollefirma.de has address <externe IP (DSL)>
root@ucs-01:~# udm dns/forward_zone list
DN: zoneName=xxxxxx.intranet,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 39
a: 192.168.192.25
retry: 2 hours
zone: xxxxxx.intranet
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
DN: zoneName=ip,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 3
retry: 2 hours
zone: ip
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
DN: zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
expire: 7 days
ttl: 3 hours
serial: 4
a: 85.134.17.87
retry: 2 hours
zone: meinetollefirma.de
zonettl: 3 hours
refresh: 8 hours
contact: root@xxxxxx.intranet.
nameserver: ucs-01.xxxxxx.intranet.
root@ucs-01:~# udm dns/alias list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
DN: relativeDomainName=sub,zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
cname: edvs-sub.xxxxxx.intranet.
name: sub
zonettl: 3 hours
DN: relativeDomainName=ts,zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
cname: 192.168.192.10.
name: ts
zonettl: 3 hours
root@ucs-01:~# udm dns/host_record list --superordinate zoneName=meinetollefirma.de,cn=dns,$(ucr get ldap/base)
DN: relativeDomainName=www,zoneName=meinetollefirma.de,cn=dns,dc=xxxxxx,dc=intranet
ARG: None
a: 85.134.17.87
name: www
zonettl: 3 hours
root@ucs-01:~# dig sub.meinetollefirma.de @localhost +trace
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> sub.meinetollefirma.de @localhost +trace
;; global options: +cmd
. 85862 IN NS c.root-servers.net.
. 85862 IN NS m.root-servers.net.
. 85862 IN NS g.root-servers.net.
. 85862 IN NS k.root-servers.net.
. 85862 IN NS f.root-servers.net.
. 85862 IN NS d.root-servers.net.
. 85862 IN NS l.root-servers.net.
. 85862 IN NS e.root-servers.net.
. 85862 IN NS h.root-servers.net.
. 85862 IN NS b.root-servers.net.
. 85862 IN NS i.root-servers.net.
. 85862 IN NS j.root-servers.net.
. 85862 IN NS a.root-servers.net.
;; Received 228 bytes from ::1#53(::1) in 599 ms
de. 172800 IN NS l.de.net.
de. 172800 IN NS n.de.net.
de. 172800 IN NS f.nic.de.
de. 172800 IN NS z.nic.de.
de. 172800 IN NS s.de.net.
de. 172800 IN NS a.nic.de.
;; Received 357 bytes from 192.112.36.4#53(192.112.36.4) in 647 ms
meinetollefirma.de. 86400 IN NS ns5.kasserver.com.
meinetollefirma.de. 86400 IN NS ns6.kasserver.com.
;; Received 92 bytes from 194.146.107.6#53(194.146.107.6) in 151 ms
sub.meinetollefirma.de. 7200 IN A <externe IP (DSL)>
meinetollefirma.de. 7200 IN NS ns5.kasserver.com.
meinetollefirma.de. 7200 IN NS ns6.kasserver.com.
;; Received 140 bytes from 85.13.128.3#53(85.13.128.3) in 48 ms
root@ucs-01:~# dig sub.meinetollefirma.de @localhost
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> sub.meinetollefirma.de @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15186
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 11
;; QUESTION SECTION:
;sub.meinetollefirma.de. IN A
;; ANSWER SECTION:
sub.meinetollefirma.de. 7086 IN A <externe IP (DSL)>
;; AUTHORITY SECTION:
. 85860 IN NS f.root-servers.net.
. 85860 IN NS g.root-servers.net.
. 85860 IN NS j.root-servers.net.
. 85860 IN NS e.root-servers.net.
. 85860 IN NS c.root-servers.net.
. 85860 IN NS b.root-servers.net.
. 85860 IN NS m.root-servers.net.
. 85860 IN NS l.root-servers.net.
. 85860 IN NS a.root-servers.net.
. 85860 IN NS h.root-servers.net.
. 85860 IN NS d.root-servers.net.
. 85860 IN NS i.root-servers.net.
. 85860 IN NS k.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net. 78969 IN A 198.41.0.4
a.root-servers.net. 78969 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 86170 IN A 192.228.79.201
b.root-servers.net. 78969 IN AAAA 2001:500:84::b
c.root-servers.net. 86175 IN A 192.33.4.12
c.root-servers.net. 2083 IN AAAA 2001:500:2::c
d.root-servers.net. 86175 IN A 199.7.91.13
d.root-servers.net. 2083 IN AAAA 2001:500:2d::d
e.root-servers.net. 86173 IN A 192.203.230.10
f.root-servers.net. 86175 IN A 192.5.5.241
f.root-servers.net. 72795 IN AAAA 2001:500:2f::f
;; Query time: 3 msec
;; SERVER: ::1#53(::1)
;; WHEN: Fri Sep 4 08:02:50 2015
;; MSG SIZE rcvd: 506
root@ucs-01:~# univention-s4search dc=sub
WARNING: No path in service IPC$ - making it unavailable!
NOTE: Service IPC$ is flagged unavailable.
record 1
dn: DC=sub,DC=meinetollefirma.de,CN=MicrosoftDNS,CN=System,DC=xxxxxx,DC=intranet
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20150904031249.0Z
whenChanged: 20150904031249.0Z
uSNCreated: 4438
uSNChanged: 4438
showInAdvancedViewOnly: TRUE
name: sub
objectGUID: 40558f90-7a3a-4266-a6e1-a3e9c1b4d98c
dnsRecord:: KAAFAAUAAAABAAAAAAAOEAAAAAAAAAAAJgMNZWR2cy1vd25jbG91ZA1lZHYtc2VsaW
dtYW5uCGludHJhbmV0AA==
objectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,DC=xxxxxx,DC=int
ranet
dc: sub
distinguishedName: DC=sub,DC=meinetollefirma.de,CN=MicrosoftDNS,CN=System,D
C=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/CN=Configuration,DC=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/DC=DomainDnsZones,DC=xxxxxx,DC=intranet
Referral
ref: ldap://xxxxxx.intranet/DC=ForestDnsZones,DC=xxxxxx,DC=intranet
returned 4 records
1 entries
3 referrals
[/code]
Evtl. wird jemand draus schlau