[Last Call] Learn how to a build a cloud-first strategyRegister Now


Best Practice To Have ALL Microsoft AD Controllers With DDNS Perform Scavening Or Just One Primary

Posted on 2007-10-05
Medium Priority
Last Modified: 2008-05-30
We Have An Organization - ~ 1500 PCs - We Utilize Microsoft Active Directory Domain Controllers. (DDNS Integrated.)

We have 3 connected sites, each with their own AD Controller. (1 site has two AD Controllers.)

Due to our noticing 'dropped' DNS Resource Records, we're wondering is it;

Better to have only ONE AD Controller (DDNS Integrated) performing the scavenging routine and sharing that/those changes with their counterparts? Or utilizing/turning on scavenging on each/every AD controller?
Question by:billfinkri
1 Comment
LVL 70

Accepted Solution

KCTS earned 2000 total points
ID: 20022729
You can set ageing and scavenging on ALL. Make sure that clients are configured to register their IP in DNS (on the TCP/IP->Advanced->DNS tab, and/or that DHCP is set to register DNS on behalf of clients.

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question