Solved

DNS - lots of multiple entries and systems no longer on network?

Posted on 2004-04-22
4
284 Views
Last Modified: 2010-04-11
HI.

We're having some Active Directory/Internet Slowness and I've taken a look at our DNS.  It is set to scavenge stale records every 3 days and allow dynamic updates is set to secure only.  The forward lookup zones contain lots of multiple entries (existing and non existing) for systems and there are systems that haven't been attached to the network for months that show up.  

Am I wrong in thinking that scavenging every three days should clear these old entries out? What does "secure only" updates mean?

Thanks in advance.
0
Comment
Question by:zenportafino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Orbsol
ID: 10899014
Scavenging does excactly what you think it does. Or at least it should. It can be set at zone level or globally, so make sure it is set for the zone you are looking at. Secure Updates can only be made for zones that are associated with active directory, and it is simply a secure way of updating dymanic entries. If you have it ticked, your server will refuse updates from a host that tries to update insecurely.

A good url for all aspects of Windows DNS can be found at http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_DNStopnode.asp
0
 
LVL 4

Expert Comment

by:boxcar7
ID: 10901837
Verify that those old records are indeed not static entries entered into DNS.  If they are, you will have to manually remove them.

0
 
LVL 1

Author Comment

by:zenportafino
ID: 10903791
Ok, as it turns out scavengin was only set on the server and NOT the zones.  I want to enable scavenging but have read warnings about doing so.  This is a small network with less than 70 systems in a single site.  Should I have any concerns before enabling it?
0
 
LVL 3

Accepted Solution

by:
Orbsol earned 250 total points
ID: 10911574
None whatsover in my opinion. I have never had a any trouble with it.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question