hutnor
asked on
How do I clear old DNS records automatically?
Hi
I have SBS running DNS & DHCP.
I have set the DHCP to update DNS records. I have set DNS to do aging & scavenging & set it to 8 hours. This has been running for a few weeks now & I can still see records from last year of PCs that no longer exist.
My DNS zone still has many records that point back to the same IP for up to 4 different PCs.
I am just wondering how I can get the DNS so it is working correctly & not have 4 PCs with the same IP.
Anyone have any idea on what I am missing or how I should set this up?
ASKER
I have secure enabled.
One of my records has a time stamp from 2006. How could it still be alive? The PC is no longer here.
ASKER
It was on 7 days. I changed it to 8 to speed things up so I could see if it is cleaned up tomorrow instead of waiting a week. I have changed it all to 2 days now.
The option Set Aging/Scavenging for All Zones was not set. I have set it now. Before I had it set to just one zone & the server.
I will see if this makes any difference.
There are no errors in DNS event viewer.
I have changed my DHCP lease times from default to 8 hours. There are no leases that will be open longer than this.
I ran a scavenge stale RR 10 mins ago before I set all above settings. It did not remove any of these RR. I will run it again in 20 mins. It also ran without any error & generated a log saying completed without errors.
Well, the fact that the option "Set Aging/Scavenging for All Zones" was not set might have been the problem. I would still increase the refresh time to at least 2 days.
ASKER
It is all set to 2 days.
All my reverse lookup zones are fine. Their records are all up to date.
I will see how it has gone on Monday. That will give it time to get past the scavenging timer.
Is there somewhere to set a time when the server will run a scavenging scan?
I don't think so
ASKER
I went over all the DNS logs & cannot find any logs of a scavenging being done.
I only found one log of a scavenge & that was one I did manually 15 mins ago.
In that case, there is one more place where you probably are missing a checkmark. In the DNS snap-in, right-click on the server, click "Properties", go to the "Advanced" tab, and on the bottom, make sure that "Enable automatic scavenging" is checked.
1. Have you restarted the DNS service after you set the aging and scavenging? (Otherwise it won't work.)
2. Select "Delete this record when it becomes stale" (requires restarting of the DNS server service).
ASKER
>Click "properties", go to the "advanced" tab, and on the bottom, make sure that "enable automatic scavenging"
Ya I got that one. It is also set to 2 days.
Service has not been restarted with these configurations. I will restart it now.
It was restarted last weekend & many times before that so all my scavenging settings should have been running.
All records that I want it to remove have the delete when stale ticked.
ASKER
I will leave it as is for now & look over it on monday. Will let you know if anything happened.
Well, actually, before tonight, you didn't have the server-wide scavenging set up, so you'll see if setting that makes it work in a couple of days.
I'm going with the simple answer here. Have you cleared the DNS cache on your DNS server? A scheduled task to execute a little batch file "ipconfig -flushdns" may be all you need.
ASKER
btdownloads
Yeh that is why I said I give it to Monday to see what happens.
ctk003
I am talking about the RR on the DNS server, not that the server has a DNS issue & cannot find a host like microsoft.com or goes to the wrong location.
I flushed the cache anyway - no effect & it only had a few addresses in there & none of them are the RR that I want to get deleted.
In all fairness, I've been working for the last 46 hours straight, and now I'm a little drunk, so I didn't really read your question before answering it. Sorry. Looks like you're in good hands, though. I wish you the best of luck.
ASKER
That's alright. I did not mind trying your suggestion. You never know what will work.
ASKER
RR are still there.
Sorry to see that you haven't gotten a solution yet. This site is usually top-notch for finding a cure. I hope I didn't turn your question into some kind of joke because of my earlier response. I will offer this, and then hope that the community continues to provide feedback:
If you're hosting your own zone, as it appears you are, your records to your clients should update almost immediately when you make a change. Since that doesn't seem to be happening, though, you've got one of two problems.
Either your DHCP servers are pushing out the incorrect Name Server information to your clients, or you haven't set your DNS server to be the SOA of your domain.
Again, I apologize if my off-the-wall comments have deterred assistance for you, and truly do hope you find a resolution quickly.
ASKER
>Either your DHCP servers are pushing out the incorrect Name Server information to your clients, or you haven't set your DNS server to be the SOA of your domain.
DHCP is working fine.
>If you're hosting your own zone, as it appears you are, your records to your clients should update almost immediately when you make a change. Since that doesn't seem to be happening, though, you've got one of two problems.
Current clients are updating their IP when it changes no problem. I can ping all current desktops or laptops by name. However we might have found the problem now. The old records like desktops & laptops that are no longer here are still in the DNS server. I have noticed that the computer accounts for some of these are still in AD. Would the DNS RR be kept if the computer has not been removed/deleted from the domain?
Most computers when we remove them from the network are just shut down & formatted. They never get removed from the domain before the format so computer accounts stay in our AD.
I did remove one computer from AD last week & it has no RR sitting in AD.
I have deleted one of the PCs that is no longer around & will see if its RR will disappear over the next few days.
ASKER
RR are still there even from PCs I have deleted out of AD.
ASKER
They are gone now. Do not know which one of these suggestions worked. I think it was this one.
http://support.microsoft.com/default.aspx?scid=kb;en-us;816592
The problem usually occurs when "Secure Dynamic Updates" aren't enabled in DNS, and there is a Group Policy setting on each machine that can counteract that. If you can force a GPO to the client machines, the setting is at Computer Configuration --> Administrative Templates --> Network --> DNS Client.
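
The thread keeps returning to the same point: a record is only scavenged when the server, the zone and the record itself all allow it. The PowerShell below is an added example, not code from any poster in this thread, and it models that decision offline: the function name, the property names and every date and hostname are constructed for illustration. It assumes the usual Windows DNS rule that a timestamped record becomes stale once the no-refresh plus refresh intervals have passed.

```powershell
# Added example: explains why a stale-looking record survives a scavenging pass.
# All names and values are constructed; nothing here queries a real DNS server.
function Get-ScavengeVerdict {
    param(
        [Parameter(Mandatory)] $Record,   # Name, Timestamp ($null = static record)
        [Parameter(Mandatory)] $Zone,     # AgingEnabled, NoRefresh, Refresh, AvailForScavenge
        [Parameter(Mandatory)] $Server,   # ScavengingEnabled ("Enable automatic scavenging")
        [datetime] $Now = (Get-Date)
    )
    # Server-level switch: without it no automatic pass ever runs.
    if (-not $Server.ScavengingEnabled) { return 'kept: automatic scavenging is off on the server' }
    # Zone-level switch: aging must be enabled on the zone that holds the record.
    if (-not $Zone.AgingEnabled) { return 'kept: aging is off for this zone' }
    # Static records carry no timestamp and are never aged out.
    if ($null -eq $Record.Timestamp) { return 'kept: static record (no timestamp)' }
    # A zone only opens for scavenging some time after aging was switched on.
    if ($Now -lt $Zone.AvailForScavenge) { return 'kept: zone is not yet open for scavenging' }
    # Stale = last refresh + no-refresh interval + refresh interval.
    $staleAt = $Record.Timestamp + $Zone.NoRefresh + $Zone.Refresh
    if ($Now -lt $staleAt) {
        return "kept: fresh until $($staleAt.ToString('yyyy-MM-dd HH:mm'))"
    }
    return 'eligible: removed on the next scavenging pass'
}

# Constructed scenario: 2-day intervals as in the thread, aging enabled two days ago.
$now    = [datetime]'2009-03-02 09:00'
$twoDay = New-TimeSpan -Days 2
$server = [pscustomobject]@{ ScavengingEnabled = $true }
$zone   = [pscustomobject]@{
    AgingEnabled = $true; NoRefresh = $twoDay; Refresh = $twoDay
    AvailForScavenge = [datetime]'2009-02-28 09:00'
}
$records = @(
    [pscustomobject]@{ Name = 'oldpc1';  Timestamp = [datetime]'2006-05-10 14:00' }
    [pscustomobject]@{ Name = 'laptop7'; Timestamp = [datetime]'2009-03-01 08:00' }
    [pscustomobject]@{ Name = 'server1'; Timestamp = $null }
)
foreach ($r in $records) {
    '{0,-8} {1}' -f $r.Name,
        (Get-ScavengeVerdict -Record $r -Zone $zone -Server $server -Now $now)
}

# The same 2006 record with the server-level checkbox cleared is never removed.
$off = [pscustomobject]@{ ScavengingEnabled = $false }
Get-ScavengeVerdict -Record $records[0] -Zone $zone -Server $off -Now $now
```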