Link to home
Start Free TrialLog in
Avatar of PellaEE
PellaEE

asked on

I accidently scavenged DNS Records

I did a bad thing.  I hit the scavenge stale records in DNS and virtually everything is gone, except for what I manually entered - which isn't much.   DHCP is set to always register.  Will DNS rebuild with what I currently have on the network?  How long will it take.  I can't connect to any of my DHCP clients using my remote connection software or Remote Desktop.  I am feeling like a total idiot right now.
ASKER CERTIFIED SOLUTION
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of PellaEE
PellaEE

ASKER

I didn't set up scavenging.  I hit the scavenge stale records now option.  Big mistake.  However, I did release renew the address on my own PC.  I even rejoined the domain and rebooted - it still doesn't appear in the DNS listing.  I will let it rebuild through the weekend and see what it looks like on Monday.
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Okay, but someone must have for that to actually do anything. If it wasn't enabled at all the command wouldn't make any changes.

Can you check the Aging intervals anyway? Prevent something like this happening again? They're set under the Properties for your Forward Lookup Zone (e.g. domain.com), under the Aging button.

It would also be worth verifying that the zone permits Dynamic Updates, and that your clients all refer to that DNS server in TCP/IP configuration.

Chris
Avatar of PellaEE
PellaEE

ASKER

I closed things out too soon.  When I checked DNS, nothing had rebuilt.  I had to set updates to Secure and UnSecure before anything would show up.  The zone is set to accept dynamic updates.  I told my computer to registerdns and then it appeared after changing to include unsecure updates.  

The scavenging interval was set at 7 days.  I turned it off.  
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

I would worry that you need to reduce the security on updates to permit non-secure. That suggests you have an authentication problem within the domain.

Chris
Avatar of PellaEE
PellaEE

ASKER

Could you elaborate on that?  What kind of authentication problem?  Where and for what would I look?
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Secure updates are allowed because of Kerberos authentication. If the system  fails to properly authenticate then the update will fail.

That gives us a few things to check.

1. System time. All systems on the network should have time within 5 minutes of the Domain Controller (allowing for adjustment because of Time Zones).

2. Event Logs for any authentication errors (probably logs to System log)

3. DCDiag should flag if the system is suffering

Chris
Avatar of PellaEE
PellaEE

ASKER

I ran DCDiag.  All tests passed.  No errors in the system log.  However, in the Security log there seems to be issues.  What kind I can't tell.  God, what I mess I inherited.  Anyway Failure audits on  Event ID's 672 and 680 a lot of them.  However, 672 has no user ID, and the client address is the loopback 127.0.0.1 - which I assume is the server itself.  The Service name is krbtgt/domainname - which is kerberos correct?  Account name is administrator. ????  680 has the logon account of administrator with the server as the source workstation and error code 0xc0000064 - which is no such account - which would be correct.  I have no account named administrator.  The domain admin account has been renamed.  I seemed to have opened a whole nother can of worms here.  Sorry for the continuance.