Solved

NSlookup returns old and new domain controllers

Posted on 2009-07-03
3
1,586 Views
Last Modified: 2012-05-07
When i perform an nslookup for my child domain (domain1.forest.com) name in my Active Directory environmnet the query returns a list of old and new IP address of domain controllers.

How do i remove the old / obsolete IP addresses ? so the nslookup returns the correct servers alone.

I verified the obsolete servers are not in

- AD Sites and Servers
- DNS Name servers for the child domain and root domain
- no static entry in host and lmhost files on any DC

I have one forest and 10 child domains , the child domain in question is functioning in Win2000 mixmode AD, there are 5 Win2003 DCs and 1 Win2000 DC.

All the DNS servers are pointing to their own IP for lookups in the TCP/IP configuration. The DNS servers forward to root servers in the forest which forward to external DNS.

Please help, i've been search all over for a solution ....
0
Comment
Question by:rbtt
3 Comments
 
LVL 6

Expert Comment

by:ou_dober
ID: 24773742
Go to a command prompt on the machine you are doing the lookup from and type:

ipconfig /flushdns


This will clear the old DNS out and refresh it.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 250 total points
ID: 24774092

It won't...

You see, NsLookup doesn't use the client Cache which would be cleared if you ran the command above. It queries the server directly, without caching.

So...

> How do i remove the old / obsolete IP addresses ?

The only place those can be are the "(same as parent folder)" host (A) records in the Child Domain. Verify those?

Chris
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 24781562
Use DNS Manager
Either delete the orphan '(same as parent folder)' A records manually from DNS zone or enable automatic aging/scavenging by enabling the following settings
- DNS zone properties->Aging->'Scavenge stale resource records'
- DNS server properties->Advanced->'Enable automatic scavenging of stale records'.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now