Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Need to know what devices are querying a DNS server i want to decom

Posted on 2013-12-10
6
Medium Priority
?
617 Views
Last Modified: 2013-12-10
Hi All

I need to decomission an old Internal Windows 2003 DNS server, I have changed our DHCP scopes and also have a powershell script i can run on servers to identify what ones are still configured with this DNS server

Issue i have is the non windows servers and network / storage devices etc that are configured.

Is there a log on the DNS server that will show me what IP addresses queries are coming from?

Thanks
0
Comment
Question by:ncomper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 10

Assisted Solution

by:jmanishbabu
jmanishbabu earned 1000 total points
ID: 39708338
You can activate the dns debug log. There you find the request from the boxes which are still using the dns server.

Information how to activate this you find here

http://technet.microsoft.com/en-us/library/cc759581%28WS.10%29.aspx
0
 
LVL 10

Expert Comment

by:jmanishbabu
ID: 39708341
Also found this on Technet

Eeither use Netmon/Wireshark or Ethereal to monitor the request hitting which DNS for authentication. DClocator process use SRV records in DNS for locating DC for authentication in its site, if DC in its own site is not available generic srv records are used for locating a DC which is published in domain folder in msdcs (DNS). But for you much better option can be monitoring the traffic via tools listed can accommodate your need. Also, If you delete srv records of old DC new srv records will be registered based on Iamrafic's suggestion or reducing the TTL suggested by Paul.

DCLocator process

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/05/domain-controller-locator-an-overview.aspx 

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/11/domain-controller-locator-in-depth.aspx
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39708572
Hi,

May I ask what Non-windows DNS Environment you have?

That will help us with better information to assist you further.
0
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

 
LVL 5

Author Comment

by:ncomper
ID: 39708966
Hi

Basically i am going to be decommissioning the last 2003 DC in our domain which was also a DNS server, once this is gone we can go to a native 2008 domain / forst level.  We have changed all of the DHCP scopes and also run a powershell script to modify the Windows servers to point to our new 2008 DC's for DNS.

The problem i have is that there are going to be a lot of appliances out there too that i cant run the powershell script against, things that come to mind are our phone system, UPS Firewalls / switches etc etc, most we will know about and can change but i am sure they will be things out there that we miss

By looking at the logs on this 2003 DC im hoping to be able to see what devices have queried it so we can track them down and update their DNS settings

Thanks
0
 
LVL 9

Accepted Solution

by:
VirastaR earned 1000 total points
ID: 39709076
Hi,

Thanks for the detailed overview.

I guess the below references will help you in accomplishing the task

Note: Please go through the "Using server debug logging options" to understand which options enables what effect and logging behavior on the DNS server.

Enable DNS Request Logging for Windows 2003/2008
Using server debug logging options
View a DNS server debug log file

Hope that helps :)
0
 
LVL 5

Author Closing Comment

by:ncomper
ID: 39709209
Thanks Both
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question