DNS - lots of multiple entries and systems no longer on network?

HI.

We're having some Active Directory/Internet Slowness and I've taken a look at our DNS.  It is set to scavenge stale records every 3 days and allow dynamic updates is set to secure only.  The forward lookup zones contain lots of multiple entries (existing and non existing) for systems and there are systems that haven't been attached to the network for months that show up.  

Am I wrong in thinking that scavenging every three days should clear these old entries out? What does "secure only" updates mean?

Thanks in advance.
LVL 1
zenportafinoAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
OrbsolConnect With a Mentor Commented:
None whatsover in my opinion. I have never had a any trouble with it.
0
 
OrbsolCommented:
Scavenging does excactly what you think it does. Or at least it should. It can be set at zone level or globally, so make sure it is set for the zone you are looking at. Secure Updates can only be made for zones that are associated with active directory, and it is simply a secure way of updating dymanic entries. If you have it ticked, your server will refuse updates from a host that tries to update insecurely.

A good url for all aspects of Windows DNS can be found at http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_DNStopnode.asp
0
 
boxcar7Commented:
Verify that those old records are indeed not static entries entered into DNS.  If they are, you will have to manually remove them.

0
 
zenportafinoAuthor Commented:
Ok, as it turns out scavengin was only set on the server and NOT the zones.  I want to enable scavenging but have read warnings about doing so.  This is a small network with less than 70 systems in a single site.  Should I have any concerns before enabling it?
0
All Courses

From novice to tech pro — start learning today.