Solved

NSlookup returns old and new domain controllers

Posted on 2009-07-03
3
1,627 Views
Last Modified: 2012-05-07
When i perform an nslookup for my child domain (domain1.forest.com) name in my Active Directory environmnet the query returns a list of old and new IP address of domain controllers.

How do i remove the old / obsolete IP addresses ? so the nslookup returns the correct servers alone.

I verified the obsolete servers are not in

- AD Sites and Servers
- DNS Name servers for the child domain and root domain
- no static entry in host and lmhost files on any DC

I have one forest and 10 child domains , the child domain in question is functioning in Win2000 mixmode AD, there are 5 Win2003 DCs and 1 Win2000 DC.

All the DNS servers are pointing to their own IP for lookups in the TCP/IP configuration. The DNS servers forward to root servers in the forest which forward to external DNS.

Please help, i've been search all over for a solution ....
0
Comment
Question by:rbtt
3 Comments
 
LVL 6

Expert Comment

by:ou_dober
ID: 24773742
Go to a command prompt on the machine you are doing the lookup from and type:

ipconfig /flushdns


This will clear the old DNS out and refresh it.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 24774092

It won't...

You see, NsLookup doesn't use the client Cache which would be cleared if you ran the command above. It queries the server directly, without caching.

So...

> How do i remove the old / obsolete IP addresses ?

The only place those can be are the "(same as parent folder)" host (A) records in the Child Domain. Verify those?

Chris
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 24781562
Use DNS Manager
Either delete the orphan '(same as parent folder)' A records manually from DNS zone or enable automatic aging/scavenging by enabling the following settings
- DNS zone properties->Aging->'Scavenge stale resource records'
- DNS server properties->Advanced->'Enable automatic scavenging of stale records'.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Synchronize a new Active Directory domain with an existing Office 365 tenant
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question