Solved

DNS Zone File Full of Stale Records, Scavenging not removing anything

Posted on 2014-02-10
2
980 Views
Last Modified: 2014-02-28
Windows DNS Server 2008 R2, Active Directory.
I have been looking here, there, and everywhere for tips on how to solve this, but I'm on the verge of just clearing my DNS Database and letting hosts re-register themselves. Extreme, but perhaps better.

So it's pretty straightforward, I have stale records in DNS that will not scavenge out. I have two domain controllers, I only have Scavenging enabled on one. I have issued
dnscmd /AgeAllRecords

Open in new window

to date records that were stale before scavenging was enabled. I have waited, and run scavenging jobs. Still, these records remain in the DNS Database. Scavenging, when run, runs successfully, generating an Event 2501 detailing the results of the Scavenging run. Zones and Nodes are visited, but only a limited number or zero items are scavenged.

Any help beyond what I've already looked at is appreciated.
0
Comment
Question by:LingerLonger
2 Comments
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
Comment Utility
Scavenging must be enabled at DNS server level and zone level also

Also have you enabled secure dynamic update on your DNS zone ?
If not please enable it.

Dnscmd /ageallrecords is not recommended command and you could execute it only when MS support suggest that in case of any weired issues

Also are you running DHCP on domain controllers ?

In that case you must set standard user account in dhcp console to work with dynamic updates

Check below post for more details
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_28306544.html

Mahesh
0
 
LVL 12

Author Closing Comment

by:LingerLonger
Comment Utility
Link suggested helped clarify some of the settings I had configured a little too broadly, but ultimately I had to just purge most of the stale records from my DNS database. Once purged, Scavenging was doing its job to keep up.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now