Server 2003 - DNS Aging/Scavenging Question

Hey all,

I set up Scavenging on my DNS Zones and it wiped out most of my server entries. I manually recreated them (and removed Scavenging for now). I thought Scavenging would only affect dynamically registered servers use static IPs, and workstations use DHCP. Anyway, I am looking to see how I can do this (to remove old workstation IPs as people jump from the VPN network to our production LAN), without removing the server DNS entries. Our servers auto register with DNS...we have the "Register this connection with DNS" checkbox checked on each server.


In your explanation you describe that your servers use dynamic registration, so they would be scavengable once they register. The only question is why they would be scavenged if the servers are online and should be renewing the registrations. If they were manually entered, they would not be scavengable until after the first time the host with the matching name re-registered the record and turned it into a dynamic entry, but at that point the server should also be renewing that record as well.

exadmin2006 (Author) Commented:

Thanks. That was my issue too...however, we set the aging to 4 hours...would that have caused it? I believe with dynamic registration they check in to refresh every 24 hours. I am trying to figure that out too.

exadmin2006 (Author) Commented:

I've been doing some testing. Since my servers use DDNS to register with DNS, by default the "Delete this record when it becomes stale" box is checked by default. See the attached screenshot. When I uncheck this box, two things happen...the reverse PTR for the record goes away and I have to recreate it (not sure why this happens)...and when the server dynamically registers with DNS again (or I do an ipconfig /registerdns from the server), it checks "Delete this record when it becomes stale" box again. So unchecking it is a temporary "fix."

exadmin2006 (Author) Commented:
Microsoft also confirms this:

"If the record was added dynamically using dynamic update, you can clear the Delete this record when it becomes stale check box to prevent its aging or potential removal during the scavenging process. If dynamic updates to this record continue to occur, the DNS server will always reset this check box so that the dynamically updated record can be deleted."

exadmin2006 (Author) Commented:
I would have to uncheck "Register the connection with DNS" on each server, delete the A and PTR records, and create them manually, which appears to be the only way the checkbox in the picture remains unchecked.

Shreedhar Ette Commented:

Refer to this:

Hope this helps,

Steve Bink Commented:
You are working yourself into a paradox: scavenge stale records, but do not scavenge stale records.

As the previous links state, if a client registers with DNS, that record becomes dynamic and subject to aging.  If they don't register, then they are not dynamic.  You need to decide if you want dynamic records or not, and go with that strategy.  When I first started reading this, I thought perhaps setting your aging clock back a little (4 hours is pretty tight), but that is really just a delay on when the problem occurs, not if.
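
The timing discussed in this thread, worked through as an added example that is not part of any post above: a simplified hour-granularity model of DNS aging showing when a dynamically registered record is eligible for scavenging. Assumptions: "aging set to 4 hours" means both the no-refresh and refresh intervals are 4 hours, the host re-registers every 24 hours as the author believes, and a record is eligible once it is older than no-refresh plus refresh; the function names are hypothetical.

```python
# Simplified model of DNS aging (added example, hour granularity).
STATIC = None  # a manually created record carries no timestamp and never ages


def is_scavengeable(timestamp, now, no_refresh, refresh):
    """True when a record is past no-refresh + refresh and may be deleted."""
    if timestamp is STATIC:
        return False
    return now > timestamp + no_refresh + refresh


def exposed_hours(reg_period, no_refresh, refresh, horizon):
    """Hours in [1, horizon] during which a dynamic record is scavengeable.

    The host re-registers every `reg_period` hours. A refresh that arrives
    inside the no-refresh interval leaves the timestamp unchanged.
    """
    timestamp = 0  # initial dynamic registration at hour 0
    exposed = []
    for now in range(1, horizon + 1):
        if now % reg_period == 0 and now - timestamp >= no_refresh:
            timestamp = now  # refresh accepted, aging clock restarts
        if is_scavengeable(timestamp, now, no_refresh, refresh):
            exposed.append(now)
    return exposed


if __name__ == "__main__":
    # Constructed scenarios; interval values are assumptions (see lead-in).
    horizon = 24 * 30
    for label, nr, rf in (("4h/4h", 4, 4), ("7d/7d", 168, 168)):
        hours = exposed_hours(24, nr, rf, horizon)
        print(f"{label}: scavengeable for {len(hours)} of {horizon} hours")
```

With 4-hour intervals and a 24-hour re-registration cycle, the record is eligible for deletion for most of every day, so any scavenging pass in that window removes it; with 7-day intervals the same host is never eligible while it stays online.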