Solved

Leftover DNS records after removing a domain controller

Posted on 2010-11-25
4
1,494 Views
Last Modified: 2012-10-07
I followed the MS protocols documented on technet to remove several domain controllers that were also acting as a DNS servers. I'm still seeing a number of DNS records referencing the old server:
1. NS records in the _msdcs.mydomain.local zone
2. Some SRV records under _msdcs
3. Some under domaindnszones under mydomain.local
4. Some under forestdnszones under mydomain.local

I see these for several DCs I removed. Some are from mydomain.local and some are from subdomain.mydomain.local.

I saw no errors during the dcpromo process for any DC and I'm seeing several DCs listed so I'm assuming this is not some one-time dcpromo error.

Why are these records there? Will they be automatically removed at some point? If not, how do I remove them?


0
Comment
Question by:Julian123
  • 2
4 Comments
 
LVL 14

Expert Comment

by:canali
ID: 34217172
"I saw no errors during the dcpromo process for any DC"
BUT in the event viewer there is some errors?

If there isn't errors, try the script to have some information more , and then remove the leftover dns record, but pay attention...

Gastone
Function fGetDCList()
 ' AUTHOR: DiGiTAL SkReAM
 ' CONTACT: digital.skream@gmail.com
 ' DATE  : 4/8/2006
 ' COMMENT: Will return a list of all of the Domain Controllers in an
 '        Active Directory domain.
 Dim oRoot, sConfigNamingContext, oADOConnection, oADOCommand, sADOQuery
 Dim oRecordSet, oDC, oSite, oCat, iErr
 fGetDCList = "N/A"
 On Error Resume Next 
  Set oRoot = GetObject("LDAP://RootDSE")
  iErr = Err.Number
 On Error GoTo 0 
  If iErr = 0 Then 
   sConfigNamingContext = oRoot.Get("configurationNamingContext")
   Set oADOCommand = CreateObject("ADODB.Command")
   Set oADOConnection = CreateObject("ADODB.Connection")
   oADOConnection.Provider = "ADsDSOObject"
   oADOConnection.Open "Active Directory Provider"
   oADOCommand.ActiveConnection = oADOConnection
   sADOQuery = "<LDAP://" & sConfigNamingContext & ">;(ObjectClass=nTDSDSA);AdsPath;subtree"
   oADOCommand.CommandText = sADOQuery
   oADOCommand.Properties("Page Size") = 100
   oADOCommand.Properties("Timeout") = 30
   oADOCommand.Properties("Cache Results") = False
   Set oRecordSet = oADOCommand.Execute
   'Set oCat = New StringCat
    Do Until oRecordSet.EOF
      Set oDC = GetObject(GetObject(oRecordSet.Fields("AdsPath")).Parent)
      wscript.echo "Netbios_Name : " & oDC.cn
       wscript.echo  "FQDN : " & oDC.DNSHostName & VbCrLf 
      oRecordSet.MoveNext
    Loop
   oADOConnection.Close
   'fGetDCList = oCat.Flush
  End If 
 End Function
call fGetDCList()

Open in new window

0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 34222621
Is you DNS set to scavenging?
how many days has passed after u removed DC?
0
 
LVL 12

Author Comment

by:Julian123
ID: 34222805
I have manually initiated scavenging. I removed my DC serveral days ago (about 7)
0
 
LVL 12

Accepted Solution

by:
Vaseem Mohammed earned 500 total points
ID: 34222858
I think we have to remove it manually, recently I also removed a failed DC which was DC, and I had to remove its records manually from DNS, the Host, PTR, cname from _msdcs etc.
Even if we check the article at http://support.microsoft.com/kb/216498 it says to remove it manually.

The nameserver tab is also an important section which I did forget in my scenario :-D

If i stumble across any method which can remove automatically will let you know.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question