Solved

DNS - lots of multiple entries and systems no longer on network?

Posted on 2004-04-22
4
283 Views
Last Modified: 2010-04-11
HI.

We're having some Active Directory/Internet Slowness and I've taken a look at our DNS.  It is set to scavenge stale records every 3 days and allow dynamic updates is set to secure only.  The forward lookup zones contain lots of multiple entries (existing and non existing) for systems and there are systems that haven't been attached to the network for months that show up.  

Am I wrong in thinking that scavenging every three days should clear these old entries out? What does "secure only" updates mean?

Thanks in advance.
0
Comment
Question by:zenportafino
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Orbsol
ID: 10899014
Scavenging does excactly what you think it does. Or at least it should. It can be set at zone level or globally, so make sure it is set for the zone you are looking at. Secure Updates can only be made for zones that are associated with active directory, and it is simply a secure way of updating dymanic entries. If you have it ticked, your server will refuse updates from a host that tries to update insecurely.

A good url for all aspects of Windows DNS can be found at http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_DNStopnode.asp
0
 
LVL 4

Expert Comment

by:boxcar7
ID: 10901837
Verify that those old records are indeed not static entries entered into DNS.  If they are, you will have to manually remove them.

0
 
LVL 1

Author Comment

by:zenportafino
ID: 10903791
Ok, as it turns out scavengin was only set on the server and NOT the zones.  I want to enable scavenging but have read warnings about doing so.  This is a small network with less than 70 systems in a single site.  Should I have any concerns before enabling it?
0
 
LVL 3

Accepted Solution

by:
Orbsol earned 250 total points
ID: 10911574
None whatsover in my opinion. I have never had a any trouble with it.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question