Solved

DNS Question/Issues

Posted on 2006-11-30
4
270 Views
Last Modified: 2010-04-18
Hi,

I have a Windows 2003 network and we are having issues with DNS. I noticed that some host a records were incorrect. I figured out that this was du to the fact that the computer account didn't have rights on the record. This is the case for some of them (haven't gone through all of them because we have over a 1000 pcs).

What i really want to know is why some A host permissions would not be correct. I don't know of any that would have been created manualy. I can unederstand if a computer was reformatted or replaced with the same name and the computer account was deleted and recreated but this would leave the old SID in the permissions. (some have this) But in my case the records have no computer accounts or unknown SID accounts in the permissions just all the other default ones.

I want to make sure this doesn't happen again so i would would like to know what caused this. Any ideas?

Also i would like to correct this wothout having to go through each record individually. Any ideas?
 
0
Comment
Question by:inf2300
4 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 18048192
There are a few reasons for incorrect A records:

1)  The originally registered computer was renamed.
2)  The lease expired on those computers, then the IP was given to another PC.

Scavenging is how to delete stale records - normally, the default behaviour for Scavenging is good as long as the default DHCP lease assignment is still being used.

0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
ID: 18049070
If you are using DHCP and have it set up to do the DNS dynamic updates, there is a suggested way to get around any possible permissions issues in Win2k3 server.  MS recommends setting up a single user ID to be used for DHCP to update DNS registrations.  You set up a user ID that has membership ONLY in the DNSUpdateProxy group.  Then, go to your DHCP management console, right-click on the server name, click on the Advanced tab, click the Credentials button and put in the user name and password that you set up.  This way, every dynamic update uses these credentials and potential problems are avoided.  

In addition, you need to set up scavenging to get rid of the stale records, as mentioned by Netman66.  Default behavior for scavenging is fine.  However, scavenging is not enabled by default in Win2k3.  So, you need to go and edit the properties of your DNS server(s) to enable scavenging of stale records.  To do this, in the DNS mgmt. console, right-click on the server name and click "Set aging/scavenging for all zones."

Hope this helps!
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Elevating Domain functional level 9 116
Difference security-only quality vs security monthly quality rollup updates 5 83
Backup DHCP Server 8 95
Connecting two servers 30 76
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now