Univention Bugzilla – Bug 32192
Removal of computer should clean up references
Last modified: 2022-07-25 08:44:12 CEST
If a computer object is removed via UMC, remaining NS records for its FQDN should be cleaned up because the DNS server fails to load the zone if it contains NS records without an A/AAAA:
Aug 8 12:30:19 ucs named[31910]: zone x-y.de/IN: NS 'opsi.x-y.de' has no address records (A or AAAA)
Aug 8 12:30:19 ucs named[31910]: zone x-y.de/IN: NS 'opsi-master.x-y.de' has no address records (A or AAAA)
Aug 8 12:30:19 ucs named[31910]: zone x-y.de/IN: not loaded due to errors.
Reported via Ticket#: 2013080621002132
Remaining entries in service records should be cleaned up as well. At the moment a deleted host is only removed from some "well known" service records like _kerberos._tcp. Furthermore, I think that if the deleted host is the last entry for a service record, the service record should be removed too.
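The two reports above (NS records and service records left pointing at a deleted host) can be checked for with a small script. This is an added example, not code from Univention or from this bug; it generalizes the NS case to MX and SRV targets, and it assumes a simplified "owner type rdata" zone listing (no TTL or class fields) with constructed sample data.

```python
# Added example: find records whose in-zone target host has no A/AAAA record.
# ZONE is constructed sample data in a simplified "owner type rdata" form.
ORIGIN = "x-y.de."
ZONE = """\
@                NS   ucs
@                NS   opsi
@                NS   ns.example.net.   ; out-of-zone target, not checked
@                MX   10 mail
_kerberos._tcp   SRV  0 100 88 ucs
_pkgdb._tcp      SRV  0 0 5432 opsi-master
ucs              A    192.0.2.10
mail             AAAA 2001:db8::25
"""
# Index of the rdata field that holds the target host name, per record type.
TARGET_FIELD = {"NS": 0, "MX": 1, "SRV": 3}

def absolute(name, origin=ORIGIN):
    """Expand '@' and relative names to a lower-case FQDN with trailing dot."""
    if name == "@":
        return origin.lower()
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()

def dangling_references(zone_text, origin=ORIGIN):
    """Return sorted (owner, type, target) tuples whose target lacks A/AAAA."""
    records = []
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        owner, rtype, *rdata = line.split()
        records.append((absolute(owner, origin), rtype.upper(), rdata))
    with_address = {o for o, t, _ in records if t in ("A", "AAAA")}
    zone = origin.lower()
    findings = []
    for owner, rtype, rdata in records:
        if rtype not in TARGET_FIELD:
            continue
        target = absolute(rdata[TARGET_FIELD[rtype]], origin)
        # Only in-zone targets can be verified against this zone's own data.
        in_zone = target == zone or target.endswith("." + zone)
        if in_zone and target not in with_address:
            findings.append((owner, rtype, target))
    return sorted(findings)

if __name__ == "__main__":
    for owner, rtype, target in dangling_references(ZONE):
        print(f"{owner} {rtype} -> {target} has no address records (A or AAAA)")
```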
*** Bug 16600 has been marked as a duplicate of this bug. ***
Found again in customer environment
The whole computer←→DNS consistency is still a mess.
*** Bug 42125 has been marked as a duplicate of this bug. ***
*** Bug 41163 has been marked as a duplicate of this bug. ***
*** Bug 31926 has been marked as a duplicate of this bug. ***
*** Bug 29709 has been marked as a duplicate of this bug. ***
*** Bug 34158 has been marked as a duplicate of this bug. ***
(In reply to Alexander Kläser from comment #3)
> *** Bug 16600 has been marked as a duplicate of this bug. ***
* Entries in the service records for Kerberos and LDAP
* Shares and share containers
* Spool host entries on printers
* Kerberos service object(s) under cn=kerberos,$ldap_base

(In reply to Florian Best from comment #6)
> *** Bug 42125 has been marked as a duplicate of this bug. ***
* When removing or renaming a computer object the MX records aren't correctly updated.

(In reply to Florian Best from comment #7)
> *** Bug 41163 has been marked as a duplicate of this bug. ***
* The ldap principal object underneath cn=kerberos,$ldap_base should be removed

(In reply to Florian Best from comment #8)
> *** Bug 31926 has been marked as a duplicate of this bug. ***
* Kerberos
* NS DNS records
* NSCD uid cache (!) → prevents rejoining

(In reply to Florian Best from comment #9)
> *** Bug 29709 has been marked as a duplicate of this bug. ***
* Nagios services

(In reply to Florian Best from comment #10)
> *** Bug 34158 has been marked as a duplicate of this bug. ***
* PKGDB-Entries
*** Bug 14853 has been marked as a duplicate of this bug. ***
(In reply to Florian Best from comment #13)
> *** Bug 14853 has been marked as a duplicate of this bug. ***
→ Service Records _pkgdb._tcp, kerberos and ldap aren't removed
Bug #28363: if a removed computer is still referenced in the DNS SOA records, the zone transfer will fail. With dns/backend=ldap this results in broken DNS, as the proxy-bind will expire the zone after 1W.
*** Bug 9514 has been marked as a duplicate of this bug. ***
*** Bug 26310 has been marked as a duplicate of this bug. ***
Bug #45108 - Portal entries aren't cleaned up.
*** Bug 20646 has been marked as a duplicate of this bug. ***
*** Bug 26664 has been marked as a duplicate of this bug. ***
Maybe the overlay module can help: Referential Integrity (12.11. in http://www.openldap.org/doc/admin24/overlays.html).
*** Bug 50102 has been marked as a duplicate of this bug. ***
(In reply to Florian Best from comment #22)
> *** Bug 50102 has been marked as a duplicate of this bug. ***
DHCP object.
Led to DNS failure and thus replication between all servers.
(In reply to Christina Scheinig from comment #25)
> Led to DNS failure and thus replication between all servers.
The linked ticket is about a failure of Multi Factor Authentication. Can you be more specific what kind of reference object caused what problem? I propose to split this bug in individual reproducible problems as the current description is very unspecific.