?
Solved

Need to know what devices are querying a DNS server i want to decom

Posted on 2013-12-10
6
Medium Priority
?
623 Views
Last Modified: 2013-12-10
Hi All

I need to decomission an old Internal Windows 2003 DNS server, I have changed our DHCP scopes and also have a powershell script i can run on servers to identify what ones are still configured with this DNS server

Issue i have is the non windows servers and network / storage devices etc that are configured.

Is there a log on the DNS server that will show me what IP addresses queries are coming from?

Thanks
0
Comment
Question by:ncomper
  • 2
  • 2
  • 2
6 Comments
 
LVL 10

Assisted Solution

by:jmanishbabu
jmanishbabu earned 1000 total points
ID: 39708338
You can activate the dns debug log. There you find the request from the boxes which are still using the dns server.

Information how to activate this you find here

http://technet.microsoft.com/en-us/library/cc759581%28WS.10%29.aspx
0
 
LVL 10

Expert Comment

by:jmanishbabu
ID: 39708341
Also found this on Technet

Eeither use Netmon/Wireshark or Ethereal to monitor the request hitting which DNS for authentication. DClocator process use SRV records in DNS for locating DC for authentication in its site, if DC in its own site is not available generic srv records are used for locating a DC which is published in domain folder in msdcs (DNS). But for you much better option can be monitoring the traffic via tools listed can accommodate your need. Also, If you delete srv records of old DC new srv records will be registered based on Iamrafic's suggestion or reducing the TTL suggested by Paul.

DCLocator process

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/05/domain-controller-locator-an-overview.aspx 

http://blogs.technet.com/b/arnaud_jumelet/archive/2010/07/11/domain-controller-locator-in-depth.aspx
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39708572
Hi,

May I ask what Non-windows DNS Environment you have?

That will help us with better information to assist you further.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
LVL 5

Author Comment

by:ncomper
ID: 39708966
Hi

Basically i am going to be decommissioning the last 2003 DC in our domain which was also a DNS server, once this is gone we can go to a native 2008 domain / forst level.  We have changed all of the DHCP scopes and also run a powershell script to modify the Windows servers to point to our new 2008 DC's for DNS.

The problem i have is that there are going to be a lot of appliances out there too that i cant run the powershell script against, things that come to mind are our phone system, UPS Firewalls / switches etc etc, most we will know about and can change but i am sure they will be things out there that we miss

By looking at the logs on this 2003 DC im hoping to be able to see what devices have queried it so we can track them down and update their DNS settings

Thanks
0
 
LVL 9

Accepted Solution

by:
VirastaR earned 1000 total points
ID: 39709076
Hi,

Thanks for the detailed overview.

I guess the below references will help you in accomplishing the task

Note: Please go through the "Using server debug logging options" to understand which options enables what effect and logging behavior on the DNS server.

Enable DNS Request Logging for Windows 2003/2008
Using server debug logging options
View a DNS server debug log file

Hope that helps :)
0
 
LVL 5

Author Closing Comment

by:ncomper
ID: 39709209
Thanks Both
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This applies to Dell but may also apply to other manufacturers as well. We ran across a few machines that just dropped recently it trust relationship with the server. After doing the basic removing and joining the domain again, it changed to No logo…
You have missed a phone call. The number looks like it belongs to the bunch of numbers which your company uses. How to find out who has just called you?
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question