Solved

DNS Records Deleted?

Posted on 2016-07-21
12
68 Views
Last Modified: 2016-07-28
I would like to know under what circumstances (either by design or otherwise... all inclusive) would any server (including domain controllers) remove their own DNS records.  

Is this not only possible but is it something that occurs regularly/normally??  and if so, why?

Thank you!
0
Comment
Question by:Danny Verrazano
  • 4
  • 4
  • 2
  • +2
12 Comments
 
LVL 26

Accepted Solution

by:
DrDave242 earned 250 total points
ID: 41723266
Scavenging is the main reason that comes to mind. This is the process by which a DNS server looks at all of the records in a zone and deletes the ones that haven't been refreshed or updated within a certain length of time. The process is a bit more complicated that that, of course; this article gives a very good overview of it.
1
 

Author Comment

by:Danny Verrazano
ID: 41723293
Let me ask a different way.

Does a server (and/or Domain Controller) have the ability to remove its own DNS records (A or SRV)?

If yes, when and why would that happen?

Anyone?
0
 
LVL 6

Expert Comment

by:efrimpol
ID: 41723406
I've never come across a situation whereas a DC would remove it's own DNS info and I've been managing a network since days of NT4.
0
 

Author Comment

by:Danny Verrazano
ID: 41723646
When dynamic updates is turned on, even with servers set with static IP addresses, do they refresh their DNS records on a schedule of some sort?  

If so, what would that refresh look like to the DNS servers?  How is it done?  Is it that they do a delete and then re-register??
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41723649
I agree with efrimpol. Yes, the server has the ability to do this, because the permissions on the server's own DNS records allow it to make changes to them, but I can't think of a situation in which a server would delete them (aside from some kind of strange malware action).
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41723651
I believe the refresh happens every 60 minutes for a DC and every 24 hours for everything else. Nothing gets deleted during a refresh; the timestamp on the record is simply updated.
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 5

Assisted Solution

by:Mdlinnett
Mdlinnett earned 125 total points
ID: 41723775
Scavenging only affects DCs / NameServers if the DNS entry is managed dynamically rather than statically, this is not 'out of the box' behaviour.

Go into your DNS console and check the 'Timestamp' column for your DC's, does it have a date and time or does it say 'static'?

If they aren't static, follow this guide to update the records you need to > http://social.technet.microsoft.com/wiki/contents/articles/21726.how-to-convert-a-dynamic-resource-record-to-a-static-one-without-re-creating-it-in-dns.aspx

Make sure that the affected DNS zone(s) are set to only receive Secure dynamic updates (Right-click the zone > Properties > 'General' tab).
1
 

Author Comment

by:Danny Verrazano
ID: 41724553
So you all are mentioning that Dynamic DNS clients regularly update records (every 24 hours?).  

What is the expected normal behavior of servers/domain controllers with static IP addresses in regards to the event logs?  In other words, what events would be logged when a server/domain controller successfully updates or refreshes its DNS records?  

and

What events would be logged on Servers/Domain Controllers if they could not successfully update their DNS records?
0
 
LVL 5

Expert Comment

by:Mdlinnett
ID: 41725156
I can't be very specific on that, I'm afraid.  What I can tell you is that the DNS console has it's own event log, you could filter that for errors / warnings?
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41725320
I'm fairly certain nothing goes into the event logs when a machine (DC or not) successfully refreshes its DNS records. I'm not sure whether anything gets logged when a refresh fails, but I don't think so. At least, I can't recall ever seeing an event of that sort.

Incidentally, it doesn't even appear that debug logging logs refresh packets.
1
 
LVL 17

Assisted Solution

by:Learnctx
Learnctx earned 125 total points
ID: 41728743
Does a server (and/or Domain Controller) have the ability to remove its own DNS records (A or SRV)?

Open in new window

Yes of course. A DC can do whatever it wants which is why you should limit what runs on a DC (for example sharing a rule like DHCP on a DC can have some really interesting outcomes if someone wants to mess with you).

If yes, when and why would that happen?

Open in new window

I have seen it happen when a DC has no primary DNS suffix set. Sometimes it just happens; if you run monitoring like SCOM with an AD management pack it is not unusual to see these sorts of errors from time to time. Restarting netlogon usually resolves the issue and causes the DC to re-register their records correctly.
1
 

Author Closing Comment

by:Danny Verrazano
ID: 41733224
Thank you all for your input.  Greatly appreciated.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now