Solved

Leftover DNS records after removing a domain controller

Posted on 2010-11-25
4
1,523 Views
Last Modified: 2012-10-07
I followed the MS protocols documented on technet to remove several domain controllers that were also acting as a DNS servers. I'm still seeing a number of DNS records referencing the old server:
1. NS records in the _msdcs.mydomain.local zone
2. Some SRV records under _msdcs
3. Some under domaindnszones under mydomain.local
4. Some under forestdnszones under mydomain.local

I see these for several DCs I removed. Some are from mydomain.local and some are from subdomain.mydomain.local.

I saw no errors during the dcpromo process for any DC and I'm seeing several DCs listed so I'm assuming this is not some one-time dcpromo error.

Why are these records there? Will they be automatically removed at some point? If not, how do I remove them?


0
Comment
Question by:Julian123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 14

Expert Comment

by:canali
ID: 34217172
"I saw no errors during the dcpromo process for any DC"
BUT in the event viewer there is some errors?

If there isn't errors, try the script to have some information more , and then remove the leftover dns record, but pay attention...

Gastone
Function fGetDCList()
 ' AUTHOR: DiGiTAL SkReAM
 ' CONTACT: digital.skream@gmail.com
 ' DATE  : 4/8/2006
 ' COMMENT: Will return a list of all of the Domain Controllers in an
 '        Active Directory domain.
 Dim oRoot, sConfigNamingContext, oADOConnection, oADOCommand, sADOQuery
 Dim oRecordSet, oDC, oSite, oCat, iErr
 fGetDCList = "N/A"
 On Error Resume Next 
  Set oRoot = GetObject("LDAP://RootDSE")
  iErr = Err.Number
 On Error GoTo 0 
  If iErr = 0 Then 
   sConfigNamingContext = oRoot.Get("configurationNamingContext")
   Set oADOCommand = CreateObject("ADODB.Command")
   Set oADOConnection = CreateObject("ADODB.Connection")
   oADOConnection.Provider = "ADsDSOObject"
   oADOConnection.Open "Active Directory Provider"
   oADOCommand.ActiveConnection = oADOConnection
   sADOQuery = "<LDAP://" & sConfigNamingContext & ">;(ObjectClass=nTDSDSA);AdsPath;subtree"
   oADOCommand.CommandText = sADOQuery
   oADOCommand.Properties("Page Size") = 100
   oADOCommand.Properties("Timeout") = 30
   oADOCommand.Properties("Cache Results") = False
   Set oRecordSet = oADOCommand.Execute
   'Set oCat = New StringCat
    Do Until oRecordSet.EOF
      Set oDC = GetObject(GetObject(oRecordSet.Fields("AdsPath")).Parent)
      wscript.echo "Netbios_Name : " & oDC.cn
       wscript.echo  "FQDN : " & oDC.DNSHostName & VbCrLf 
      oRecordSet.MoveNext
    Loop
   oADOConnection.Close
   'fGetDCList = oCat.Flush
  End If 
 End Function
call fGetDCList()

Open in new window

0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 34222621
Is you DNS set to scavenging?
how many days has passed after u removed DC?
0
 
LVL 12

Author Comment

by:Julian123
ID: 34222805
I have manually initiated scavenging. I removed my DC serveral days ago (about 7)
0
 
LVL 12

Accepted Solution

by:
Vaseem Mohammed earned 500 total points
ID: 34222858
I think we have to remove it manually, recently I also removed a failed DC which was DC, and I had to remove its records manually from DNS, the Host, PTR, cname from _msdcs etc.
Even if we check the article at http://support.microsoft.com/kb/216498 it says to remove it manually.

The nameserver tab is also an important section which I did forget in my scenario :-D

If i stumble across any method which can remove automatically will let you know.
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
A hard and fast method for reducing Active Directory Administrators members.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question