Windows Server 2003
--
Questions
--
Followers
Top Experts
DNS MMC Snap-in - PTR record shows as unchecked
I have a WinXP-SP2 workstation with Win2k3 AdminTools (SP2) installed. I use the DNS snap-in tool often, and a noticed a big discrepency that has thrown me for a loop.
If I open 'All Programs' -> 'Administrative Tools' -> 'DNS' [shortcut], then drill down to any of my 'Forward Lookup Zones' (i.e. mydomain.org) and open any A-record, the 'Update associated pointer (PTR) record' check-box is checked -- the correct behavior. I have hundreds of records and if I click on any one of them, same result -- all good.
However, instead of using the DNS "shortcut", if I simply run 'MMC.exe', then add the 'DNS' snap-in, attach to exact same DNS server, and do the exact same thing -- look at the A-Records for the same hosts -- the 'Update associated pointer (PTR) record' check-box is UNchecked. Not so good.
This is so bizarre, since both the DNS shortcut and DNS snap-in appear to be the exact same thing -- an MMC Snap-in. In fact, I can run both side by side, and the 'About' box tells me they are identical -- Microsoft Mgmt Console v3.0 (XP-SP2) and DNS v5.2.3790.3959. And I can't get any more info on the DNS shortcut -- the 'Target' properties are greyed out.
BTW, it does not matter if I have 'Advanced' view turned on or not. This also is clearly not a server-side DNS issue or DHCP issue. The actual zones (both forward and reverse lookup) work fine and are updating correctly. To confirm, I had a co-worker do the exact same thing (even trying a different version of the Win2k3 Admin Tools) -- he had the same problem. To me, this appears to be an MMC or DNS Snap-in bug.
I would like to solve this, because I need to create a custom MMC snap-in for all my Administrative needs. Anyone else have the same problem?
Thanks!
If I open 'All Programs' -> 'Administrative Tools' -> 'DNS' [shortcut], then drill down to any of my 'Forward Lookup Zones' (i.e. mydomain.org) and open any A-record, the 'Update associated pointer (PTR) record' check-box is checked -- the correct behavior. I have hundreds of records and if I click on any one of them, same result -- all good.
However, instead of using the DNS "shortcut", if I simply run 'MMC.exe', then add the 'DNS' snap-in, attach to exact same DNS server, and do the exact same thing -- look at the A-Records for the same hosts -- the 'Update associated pointer (PTR) record' check-box is UNchecked. Not so good.
This is so bizarre, since both the DNS shortcut and DNS snap-in appear to be the exact same thing -- an MMC Snap-in. In fact, I can run both side by side, and the 'About' box tells me they are identical -- Microsoft Mgmt Console v3.0 (XP-SP2) and DNS v5.2.3790.3959. And I can't get any more info on the DNS shortcut -- the 'Target' properties are greyed out.
BTW, it does not matter if I have 'Advanced' view turned on or not. This also is clearly not a server-side DNS issue or DHCP issue. The actual zones (both forward and reverse lookup) work fine and are updating correctly. To confirm, I had a co-worker do the exact same thing (even trying a different version of the Win2k3 Admin Tools) -- he had the same problem. To me, this appears to be an MMC or DNS Snap-in bug.
I would like to solve this, because I need to create a custom MMC snap-in for all my Administrative needs. Anyone else have the same problem?
Thanks!
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Hey,
That setting is, as far as I recall, remembered between MMC console sessions.
That is, if you open up the DNS console and create a record, ticking the box, next time you create a record it will be ticked. Conversely, if you create a record with it unticked it will be unticked next time.
If you create a dummy record with the box ticked, then save your MMC it should remember the setting (at least my tests show it does - that's based on MMC 3.0).
I don't think it's a bug so much as the console trying to be helpful.
Chris
Thanks, Chris... you're on to something.
I created a dummy record using a new MMC DNS snap-in, however it didn't just "tick" on for that one record. Now any record I go to also shows the cooresponding update PTR record as "checked".
I didn't notice this before, because the one custom MMC DNS snap-in I use is almost exclusively to view DNS records, not update them.
I appreciate the insight, but as far as the MMC console "trying to be helpful"... please. It's NOT helpful when the DNS tool you rely on shows bogus, inconsistent data. Any time you open a new MMC w/ DNS, or logon with a new profile, or push a custom MMC out to other machines (which is best practice vs. having multiple admins RDP into one DNS server), this will be a problem, as it will lead to great confusion regarding DNS records -- folks won't know whether the PTR is truly a dynamic update (especially if the record is missing, for some reason.) Bottom line -- you can NOT rely on this field, hence, it is a bug.
Thanks for your help. Â And any other suggestions on how to fix?
I created a dummy record using a new MMC DNS snap-in, however it didn't just "tick" on for that one record. Now any record I go to also shows the cooresponding update PTR record as "checked".
I didn't notice this before, because the one custom MMC DNS snap-in I use is almost exclusively to view DNS records, not update them.
I appreciate the insight, but as far as the MMC console "trying to be helpful"... please. It's NOT helpful when the DNS tool you rely on shows bogus, inconsistent data. Any time you open a new MMC w/ DNS, or logon with a new profile, or push a custom MMC out to other machines (which is best practice vs. having multiple admins RDP into one DNS server), this will be a problem, as it will lead to great confusion regarding DNS records -- folks won't know whether the PTR is truly a dynamic update (especially if the record is missing, for some reason.) Bottom line -- you can NOT rely on this field, hence, it is a bug.
Thanks for your help. Â And any other suggestions on how to fix?
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Thanks Chris.
I understand. So it is apparently working as designed... but I would submit this is a flawed design. You can not rely on this field -- it is NOT specific to each A-record. Ironically, the check-box immediately below it (in Advanced View) -- "delete this record when it becomes stale" is specific to the A-record, and not saved as a flag within the MMC snap-in. Â
As a programmer, I'm sure this makes some kind of sense. But as an administrator/user, this DNS MMC is confusing and unreliable. And apparently Microsoft thought so, enough to fix it in the Win2008 GUI. Thus, I will take it up with Microsoft, not you ;-)
I definately would appreciate the Powershell script, and I will give you full credit for the answer/solution. Thanks!
I understand. So it is apparently working as designed... but I would submit this is a flawed design. You can not rely on this field -- it is NOT specific to each A-record. Ironically, the check-box immediately below it (in Advanced View) -- "delete this record when it becomes stale" is specific to the A-record, and not saved as a flag within the MMC snap-in. Â
As a programmer, I'm sure this makes some kind of sense. But as an administrator/user, this DNS MMC is confusing and unreliable. And apparently Microsoft thought so, enough to fix it in the Win2008 GUI. Thus, I will take it up with Microsoft, not you ;-)
I definately would appreciate the Powershell script, and I will give you full credit for the answer/solution. Thanks!
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
I can certainly appreciate the difference in perspectives :)
You're right on the Stale tick box, that's updated from the record in AD rather than being a remembered option. Much more useful.
Even in 2008 there are no links between the Forward and Reverse Lookup Zones. The box operates in the same way, that's what I used for my testing of its behaviour last night. The addition of the column for the Time Stamp just makes it easier to see things.
The PowerShell Script is at the bottom. For Reverse Lookup Zones you'll have to put the $Domain in the proper format, e.g. 43.168.192.in-addr.arpa for the zone "192.168.43.x Subnet".
It's just a fairly simple WMI query to get the Time Stamp from the DNS record. It only performs AddHours because that's more flexible and allows us to do small modifications to query for stale records (based on the aging intervals).
Chris
$DNSServer = "YourServerName"
$Domain = "YourDomain"
Get-WMIObject -Class "MicrosoftDNS_AType" -Namespace `
"root\MicrosoftDNS" -Comp $DNSServer -Filter "DomainName='$Domain'" | `
Select-Object `
OwnerName,@{n="TimeStamp";e={(Get-Date("01/01/1601")).AddHours($_.TimeStamp)}} `
| ?{$_.TimeStamp -eq (Get-Date("01/01/1601"))}
Thanks again, Chris... very useful info. And I really appreciate the script.
I'm going to need to work on a more powerful script, however, since we are seeing some A-records missing their corresponding PTR records, and don't know why. We have over 50 forward lookup and 100 reverse-lookup zones and thousands of records (quite a challenge), so will need a script that basically can compare/reconcile the zone data and show me unmatched records. Will open a separate case on this.
Thanks again!
I'm going to need to work on a more powerful script, however, since we are seeing some A-records missing their corresponding PTR records, and don't know why. We have over 50 forward lookup and 100 reverse-lookup zones and thousands of records (quite a challenge), so will need a script that basically can compare/reconcile the zone data and show me unmatched records. Will open a separate case on this.
Thanks again!
Cool okay, if you drop a note in here when you open it I'll give you a hand putting it together.
Chris
Get a FREE t-shirt when you ask your first question.
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Windows Server 2003
--
Questions
--
Followers
Top Experts
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).