Albert Widjaja
asked on
Manually adding the missing DNS entries for Active Directory Domain Controller?
Hi People,
I need to fix my AD environment, which is looking like a mess at the moment (lots of old entries of Win 2k3 DCs that were not properly removed from AD). Based on the netdom query dc and netdom query fsmo command results, I can see that some of the DNS entries in gc._msdcs.domain.com are missing.
My questions are:
1. How can I add the missing Host (A) records automatically in the gc folder? The rest of the entries have timestamps, so I guess they were not manually typed.
2. Can I assume that if, for example, the netdom query dc command returns 95 domain controllers/global catalogs, the number of Host (A) records and _ldap (SRV) records must also be the same number, which is 95? What if the number is different: can I add them manually, or is there any way to automatically add them to each folder under the _msdcs container?
Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@footech: yes, somehow DNS scavenging is not enabled on any of my DNS servers. What's the side effect of enabling it now, considering there are some missing host (A) records in the gc_._msdcs.domain.local container?
Does it also help me to automatically delete the old domain controller entries which are still lingering in the DNS?
ASKER
OK, so restarting the netlogon service: does it require restarting the Exchange Server service as well, or does it not really affect Exchange Server at all?
ASKER
Uhm. What if I don't restart the exchange netlogon service?
Is there any impact on the mail flow when I restart the netlogon service on some of the DCs/GCs used by the Exchange server?
I have 3 listed, so if I restart them one by one, would that be a problem or is that the suggested way?
ASKER
Thanks!
ASKER
I'm not sure what my predecessors did to this environment.
@Mahesh: "Then you may restart netlogon service on each DC" Whoa, can I just restart the NETLOGON process on the DC with the missing entry only (some of my site offices)? If I restart the main DC in my data center AD site, I'm worried that's gonna affect my Exchange Server email flow.