Solved

Using DNSCMD to delete NS records (HELP)

Posted on 2013-01-02
Last Modified: 2013-01-04
After recently demoting a domain controller, I noticed that the NS record for this server was still listed in our forward and reverse lookup zones.

Upon closer inspection, I’m noticing other old NS records for DC’s that were demoted years ago as well.

From what I am reading, it looks like the tool dnscmd can be used to delete the records across the DC’s on our WAN.

Below is my site info:

Forward lookup zone = home.com
Reverse lookup zone = 192.168.1.x
DC name = dc1

Below is the command syntax for using dnscmd /recorddelete:

dnscmd /recorddelete ZoneName NodeName RRType RRData

Using the info above, I am unsure if I am interpreting everything correctly – and I am unsure of what info is used in place of RRData.

I could use some direction in getting my syntax down before running the command – any help would be greatly appreciated.
0
Comment
Question by:acmi
16 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38738327
RRData is the IP address

RRType is the record type - NS in your case.

Thanks

Mike
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38738329
Refer to the link below; it has all the steps to be taken care of after an unsuccessful DC demotion.
If your DCs were demoted gracefully, then skip the metadata part.

Metadata cleanup:
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:acmi
ID: 38738389
Okay, looks like I need to be more clear.

The info below is an example of my site info:

Forward lookup zone = home.com
DC name = dc1

The command syntax to delete records from DNS is below:

dnscmd /recorddelete ZoneName NodeName RRType RRData

Using the info above, I need help in applying my info to the syntax of the command correctly.  I need to know what info should be listed in the () below:

dnscmd /recorddelete ZoneName (home.com) NodeName (dc1) RRType (NS) RRData (?)

=

dnscmd /recorddelete home.com dc1 NS ?
0

 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38738413
dnscmd /recorddelete home.com DC1 NS olddnsserver.home.com
0
 
LVL 26

Assisted Solution

by:Leon Fester
Leon Fester earned 2000 total points
ID: 38739220
Do you have standalone DNS zones or are they AD-integrated?
If AD-integrated, then I think you're making your life unnecessarily difficult.

You can use the DNS GUI and delete the record from your local DNS server and it will replicate to the other DNS servers.
The GUI can also be used to delete from remote servers: either log on directly or connect via the local GUI; just right-click the DNS root, select "Connect to DNS server" and select the remote server.

You don't provide enough information for us to construct the complete DNSCMD command for you.
Here is a good reference with examples.
e.g. dnscmd /recorddelete bigfirm.com @ NS main.bigfirm.com /f
http://msmvps.com/blogs/ad/archive/2008/03/28/dnscmd-reference.aspx
0
 

Author Comment

by:acmi
ID: 38740333
Hello Sarang_Tinguria,

Thank you for your reply.  

DC1 in my example is actually the old DNS server that I want to delete.  I was under the impression that the NodeName was the server name whose records we want to delete (please let me know if I am wrong).

With this in mind, is the line below correct?

dnscmd /recorddelete home.com DC1 NS DC1.home.com
0
 

Author Comment

by:acmi
ID: 38740578
Hello DVT_Localboy

Our zones are AD integrated.

However, I would prefer getting the command correct rather than searching through DNS for old records – as they can be found in several areas.  It seems like the command route would be more thorough.

Example – I’m finding old records in the area below as well as almost every subdirectory within the root.

Home.com\_msdcs\domains\blabla\_tcp

In regards to not providing enough info to construct the complete command, what info is missing?

We have the ZoneName (home.com)
We have the NodeName (dc1 – I’m understanding the NodeName to mean the name of the DC we are trying to remove – let me know if this is incorrect)
We have the RRType (NS)
Where I am unsure is the RRData info.

Is the RRData the same as the fully qualified name of the record I want to delete – dc1.home.com?

If so, the line below should work – let me know if this is incorrect.


dnscmd /recorddelete home.com DC1 NS DC1.home.com
0
 

Author Comment

by:acmi
ID: 38740673
I believe I have the command correct (in some respect) in my two replies above, as I am now prompted with a “Are you sure you want to delete record” message.

But when I choose “yes” I receive the following error: Command failed: DNS_ERROR_NAME_DOES_NOT_EXIST

So something is still off...
0
 

Author Comment

by:acmi
ID: 38740716
Never mind, I figured it out.  I'll follow up when I've finished up.
0
 

Accepted Solution

by:
acmi earned 0 total points
ID: 38741609
Okay, here’s the deal if anyone stumbles onto this looking for a solution:

First, the command string below from Microsoft is something that I was never able to get to work.

-      dnscmd /recorddelete ZoneName NodeName RRType RRData

Second, the command string from Brian (http://msmvps.com/blogs/ad/archive/2008/03/28/dnscmd-reference.aspx) does work when you know what info to plug in where.

-      dnscmd /recorddelete ZoneName @ RRType RecordInfo

ZoneName = the domain from where the record is to be deleted
RRType = the type of record (A, NS, etc.)
RecordInfo = the record to be deleted (FQN)

Apply this to my example:

-      dnscmd /recorddelete home.com @ NS dc1.home.com

Done.

So, in response to a posting above, the information needed to construct the complete DNSCMD was indeed supplied in the original post as well as in the subsequent thread.  You only need to know the record you want to delete, the record type and the domain from where you want to delete.
0
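In the command that worked, NodeName is the node that owns the NS record ("@" for the zone root), not the server being removed. As an added example (not part of the original thread), this PowerShell function uses the DnsServer module to find every NS record in a server's primary zones that points at the demoted DC and returns the matching dnscmd line for review; the function name and the dc1.home.com value are assumptions taken from the thread's sample data.

```powershell
# Added example. Requires the DnsServer module (Windows Server 2012+ or RSAT).
# Nothing is deleted: the function only returns dnscmd command lines to review.
function Get-StaleNsDeleteCommand {
    param(
        [Parameter(Mandatory)] [string] $StaleNameServer,   # e.g. dc1.home.com (thread's example)
        [string] $DnsServer = $env:COMPUTERNAME              # assumption: run on a DNS server
    )
    $target = $StaleNameServer.TrimEnd('.')

    Get-DnsServerZone -ComputerName $DnsServer |
        Where-Object {
            # Skip auto-created zones and the DNSSEC TrustAnchors zone.
            $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated -and
            $_.ZoneName -ne 'TrustAnchors'
        } |
        ForEach-Object {
            $zone = $_.ZoneName
            Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $zone -RRType NS |
                Where-Object { $_.RecordData.NameServer.TrimEnd('.') -ieq $target } |
                ForEach-Object {
                    # HostName is the owner node: '@' for the zone root,
                    # or a child name (such as _msdcs) for a delegation.
                    'dnscmd {0} /recorddelete {1} {2} NS {3}' -f $DnsServer, $zone, $_.HostName, $target
                }
        }
}

# Forward and reverse zones are both covered; review the output before running any line.
Get-StaleNsDeleteCommand -StaleNameServer 'dc1.home.com'
```

The generated lines omit /f, so dnscmd still asks for confirmation on each delete.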
 

Author Comment

by:acmi
ID: 38744262
I've requested that this question be closed as follows:

Accepted answer: 0 points for acmi's comment #a38741609

for the following reason:

the other postings did not provide the solution I had asked for - some were wrong altogether.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 38741669
I'd have to say that dvt_localboy got it right in #38739220.

His example:
dnscmd /recorddelete bigfirm.com @ NS main.bigfirm.com /f
The command that worked for you:
dnscmd /recorddelete home.com @ NS dc1.home.com
That's pretty dead-on, if you ask me.  The only difference is the /f switch, which simply specifies that you don't want to be prompted for confirmation.
0
 

Author Comment

by:acmi
ID: 38741757
He also said that I had not provided enough info to construct the command – which was not correct (bad info) – everything was there.  I wasted a lot of time trying to figure out what could be missing (aggravating) – and there was no reply when I asked what was missing.  I’m sure I would have gotten a reply at some point, but it would have been wrong as all the info that was needed was posted.

And throwing an example without applying it to my issue was not very helpful as well (I included my info for a reason).

If anyone were looking for the same solution, my solution would be the most helpful from the thread.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 38742960
LMFAO - You reference the links I provided, but I didn't help to resolve this problem.

I wasted a lot of time trying to figure out what could be missing (aggravating)

– Considering your attitude, I'm glad I didn't waste my time either.

and there was no reply when I asked what was missing.

- I don't sit on EE all day baby feeding people information. I have a life and job in real life too.

Hope you have lots of fun with those points you saved yourself, looks like you need them more than me.
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 38744263
I think I'll put this in a moderator's hands, which will hopefully get it resolved to everyone's satisfaction.

Mod: There's a dispute about whether a posted answer was correct.  See previous posts for details.
0


Question has a verified solution.
