Problem:
DNS zone could not be added
21.12.21 11:05:06.716 ADMIN ( ERROR ) : Creating 'zoneName=134.2.10.in-addr.arpa,cn=dns,dc=schein,dc=ig' failed: Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 1283, in _create
self.lo.add(self.dn, al, serverctrls=serverctrls, response=response)
File "/usr/lib/python2.7/dist-packages/univention/admin/uldap.py", line 865, in add
raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
ldapError: No such object
Environment:
- Primary, Backup and Replica.
- dns/backend is ldap.
- samba4 is not installed on the domain.
Investigation:
There is an object still existing below the deleted zone, but removing also failes:
ldapdelete -x -D "cn=admin,$(ucr get ldap/base)" -y /etc/ldap.secret 'relativeDomainName=19,zoneName=134.2.10.in-addr.arpa,cn=dns,dc=schein,dc=ig'
ldap_delete: No such object (32)
Solution:
Add the Zone again:
Via ldapadd it also does not work so we have to use slapadd to bypass the ldap consistycheck. BUT be aware this change is also not recognizes by the replication mechanism. In this case we already had failed.ldifs on the other servers. So this also has to be done on the other servers, backup and replica.
So first get the ldif from an existing zone, or use the zone from the ldap backup:
univention-ldapsearch -b zoneName=135.2.10.in-addr.arpa,cn=dns,dc=schein,dc=ig -s base > file.ldif
dn: zoneName=134.2.10.in-addr.arpa,cn=dns,dc=schein,dc=ig
objectClass: dNSZone
objectClass: top
objectClass: univentionObject
univentionObjectType: dns/reverse_zone
dNSTTL: 10800
relativeDomainName: @
zoneName: 134.2.10.in-addr.arpa
nSRecord: master.schein.ig.
sOARecord: master.schein.ig. root.schein.ig. 17 28800 7200 604800 10800
slapadd -l file.ldif