• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 410
  • Last Modified:

Missing DNS data


I have an issue within our DNS where data has been removed from the forward lookup zone; unfortunately I don’t know what has been removed as so I am unable to put it back. Is there anyway of looking at what was configured before this data was deleted. Can I get this from a backup of the files in the system32\DNS folder I don’t really want to have to restore the DC from backup, but if this is the only way then so be it. Hoping someone can save my sorry ass.

Thanks guys

2 Solutions
So you're running Windows DNS?

I would consider restoring your backup to an isolated virtual machine and performing an export of DNS for the static entries.  Much of the DNS config for Active Directory is "dynamic" and managed by the domain controllers.  You should only need to worry about the "static" records that were manually created.  I guess you don't have documentation on what these were?

You could also setup a network capture on the DNS server and look at the incoming records.  Clients will continue to request records even if they don't exist.  You can then do some detective work and figure out what those records should point to and recreate them.
Glen KnightCommented:
What do you think has been removed?
Most clients will update their own records if they are missing.  The only items that will not update themselves are static entries you may have added manually?

There's a file in c:\winnt\system32\dns. If you are lucky then there will a file name something like domainblabla.dns

If there's nothing there, then you are running DNS as AD Integrated. In this mode, then only way to recover your DNS is to perform a System State restore (provided you did the System State backup lately)

Good Luck!
sim-yAuthor Commented:
Thanks guys, yeah it is Windows DNS. I am new to this organisation so I don’t know how things were configured and there has been no documentation done within the last 10 years (real helpful). I will do a restore to another box and look at the config. And then document it.....

"mail.domain.com.au" is not working; I can telnet to it internally but not externally. Thankfully we have a backup that still works. Who ever set this up has done it in a really convoluted way and it just makes no sense.

Thanks again guys.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now