Solved

Need to know what devices are querying a DNS server i want to decom

Posted on 2013-12-10
6
613 Views
Last Modified: 2013-12-10
Hi All

I need to decomission an old Internal Windows 2003 DNS server, I have changed our DHCP scopes and also have a powershell script i can run on servers to identify what ones are still configured with this DNS server

Issue i have is the non windows servers and network / storage devices etc that are configured.

Is there a log on the DNS server that will show me what IP addresses queries are coming from?

Thanks
0
Comment
Question by:ncomper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 10

Assisted Solution

by:jmanishbabu
jmanishbabu earned 250 total points
ID: 39708338
You can activate the dns debug log. There you find the request from the boxes which are still using the dns server.

Information how to activate this you find here

http://technet.microsoft.com/en-us/library/cc759581%28WS.10%29.aspx
0
 
LVL 10

Expert Comment

by:jmanishbabu
ID: 39708341
Also found this on Technet

Eeither use Netmon/Wireshark or Ethereal to monitor the request hitting which DNS for authentication. DClocator process use SRV records in DNS for locating DC for authentication in its site, if DC in its own site is not available generic srv records are used for locating a DC which is published in domain folder in msdcs (DNS). But for you much better option can be monitoring the traffic via tools listed can accommodate your need. Also, If you delete srv records of old DC new srv records will be registered based on Iamrafic's suggestion or reducing the TTL suggested by Paul.

DCLocator process

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/05/domain-controller-locator-an-overview.aspx 

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/11/domain-controller-locator-in-depth.aspx
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39708572
Hi,

May I ask what Non-windows DNS Environment you have?

That will help us with better information to assist you further.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 5

Author Comment

by:ncomper
ID: 39708966
Hi

Basically i am going to be decommissioning the last 2003 DC in our domain which was also a DNS server, once this is gone we can go to a native 2008 domain / forst level.  We have changed all of the DHCP scopes and also run a powershell script to modify the Windows servers to point to our new 2008 DC's for DNS.

The problem i have is that there are going to be a lot of appliances out there too that i cant run the powershell script against, things that come to mind are our phone system, UPS Firewalls / switches etc etc, most we will know about and can change but i am sure they will be things out there that we miss

By looking at the logs on this 2003 DC im hoping to be able to see what devices have queried it so we can track them down and update their DNS settings

Thanks
0
 
LVL 9

Accepted Solution

by:
VirastaR earned 250 total points
ID: 39709076
Hi,

Thanks for the detailed overview.

I guess the below references will help you in accomplishing the task

Note: Please go through the "Using server debug logging options" to understand which options enables what effect and logging behavior on the DNS server.

Enable DNS Request Logging for Windows 2003/2008
Using server debug logging options
View a DNS server debug log file

Hope that helps :)
0
 
LVL 5

Author Closing Comment

by:ncomper
ID: 39709209
Thanks Both
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question