Solved

DNS Question/Issues

Posted on 2006-11-30
4
272 Views
Last Modified: 2010-04-18
Hi,

I have a Windows 2003 network and we are having issues with DNS. I noticed that some host a records were incorrect. I figured out that this was du to the fact that the computer account didn't have rights on the record. This is the case for some of them (haven't gone through all of them because we have over a 1000 pcs).

What i really want to know is why some A host permissions would not be correct. I don't know of any that would have been created manualy. I can unederstand if a computer was reformatted or replaced with the same name and the computer account was deleted and recreated but this would leave the old SID in the permissions. (some have this) But in my case the records have no computer accounts or unknown SID accounts in the permissions just all the other default ones.

I want to make sure this doesn't happen again so i would would like to know what caused this. Any ideas?

Also i would like to correct this wothout having to go through each record individually. Any ideas?
 
0
Comment
Question by:inf2300
4 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 18048192
There are a few reasons for incorrect A records:

1)  The originally registered computer was renamed.
2)  The lease expired on those computers, then the IP was given to another PC.

Scavenging is how to delete stale records - normally, the default behaviour for Scavenging is good as long as the default DHCP lease assignment is still being used.

0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
ID: 18049070
If you are using DHCP and have it set up to do the DNS dynamic updates, there is a suggested way to get around any possible permissions issues in Win2k3 server.  MS recommends setting up a single user ID to be used for DHCP to update DNS registrations.  You set up a user ID that has membership ONLY in the DNSUpdateProxy group.  Then, go to your DHCP management console, right-click on the server name, click on the Advanced tab, click the Credentials button and put in the user name and password that you set up.  This way, every dynamic update uses these credentials and potential problems are avoided.  

In addition, you need to set up scavenging to get rid of the stale records, as mentioned by Netman66.  Default behavior for scavenging is fine.  However, scavenging is not enabled by default in Win2k3.  So, you need to go and edit the properties of your DNS server(s) to enable scavenging of stale records.  To do this, in the DNS mgmt. console, right-click on the server name and click "Set aging/scavenging for all zones."

Hope this helps!
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question