Solved

DNS Records Deleted?

Posted on 2016-07-21
12
70 Views
Last Modified: 2016-07-28
I would like to know under what circumstances (either by design or otherwise... all inclusive) would any server (including domain controllers) remove their own DNS records.  

Is this not only possible but is it something that occurs regularly/normally??  and if so, why?

Thank you!
0
Comment
Question by:Danny Verrazano
  • 4
  • 4
  • 2
  • +2
12 Comments
 
LVL 26

Accepted Solution

by:
DrDave242 earned 250 total points
ID: 41723266
Scavenging is the main reason that comes to mind. This is the process by which a DNS server looks at all of the records in a zone and deletes the ones that haven't been refreshed or updated within a certain length of time. The process is a bit more complicated that that, of course; this article gives a very good overview of it.
1
 

Author Comment

by:Danny Verrazano
ID: 41723293
Let me ask a different way.

Does a server (and/or Domain Controller) have the ability to remove its own DNS records (A or SRV)?

If yes, when and why would that happen?

Anyone?
0
 
LVL 6

Expert Comment

by:efrimpol
ID: 41723406
I've never come across a situation whereas a DC would remove it's own DNS info and I've been managing a network since days of NT4.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:Danny Verrazano
ID: 41723646
When dynamic updates is turned on, even with servers set with static IP addresses, do they refresh their DNS records on a schedule of some sort?  

If so, what would that refresh look like to the DNS servers?  How is it done?  Is it that they do a delete and then re-register??
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41723649
I agree with efrimpol. Yes, the server has the ability to do this, because the permissions on the server's own DNS records allow it to make changes to them, but I can't think of a situation in which a server would delete them (aside from some kind of strange malware action).
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41723651
I believe the refresh happens every 60 minutes for a DC and every 24 hours for everything else. Nothing gets deleted during a refresh; the timestamp on the record is simply updated.
0
 
LVL 5

Assisted Solution

by:Mdlinnett
Mdlinnett earned 125 total points
ID: 41723775
Scavenging only affects DCs / NameServers if the DNS entry is managed dynamically rather than statically, this is not 'out of the box' behaviour.

Go into your DNS console and check the 'Timestamp' column for your DC's, does it have a date and time or does it say 'static'?

If they aren't static, follow this guide to update the records you need to > http://social.technet.microsoft.com/wiki/contents/articles/21726.how-to-convert-a-dynamic-resource-record-to-a-static-one-without-re-creating-it-in-dns.aspx

Make sure that the affected DNS zone(s) are set to only receive Secure dynamic updates (Right-click the zone > Properties > 'General' tab).
1
 

Author Comment

by:Danny Verrazano
ID: 41724553
So you all are mentioning that Dynamic DNS clients regularly update records (every 24 hours?).  

What is the expected normal behavior of servers/domain controllers with static IP addresses in regards to the event logs?  In other words, what events would be logged when a server/domain controller successfully updates or refreshes its DNS records?  

and

What events would be logged on Servers/Domain Controllers if they could not successfully update their DNS records?
0
 
LVL 5

Expert Comment

by:Mdlinnett
ID: 41725156
I can't be very specific on that, I'm afraid.  What I can tell you is that the DNS console has it's own event log, you could filter that for errors / warnings?
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41725320
I'm fairly certain nothing goes into the event logs when a machine (DC or not) successfully refreshes its DNS records. I'm not sure whether anything gets logged when a refresh fails, but I don't think so. At least, I can't recall ever seeing an event of that sort.

Incidentally, it doesn't even appear that debug logging logs refresh packets.
1
 
LVL 17

Assisted Solution

by:Learnctx
Learnctx earned 125 total points
ID: 41728743
Does a server (and/or Domain Controller) have the ability to remove its own DNS records (A or SRV)?

Open in new window

Yes of course. A DC can do whatever it wants which is why you should limit what runs on a DC (for example sharing a rule like DHCP on a DC can have some really interesting outcomes if someone wants to mess with you).

If yes, when and why would that happen?

Open in new window

I have seen it happen when a DC has no primary DNS suffix set. Sometimes it just happens; if you run monitoring like SCOM with an AD management pack it is not unusual to see these sorts of errors from time to time. Restarting netlogon usually resolves the issue and causes the DC to re-register their records correctly.
1
 

Author Closing Comment

by:Danny Verrazano
ID: 41733224
Thank you all for your input.  Greatly appreciated.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article runs through the process of deploying a single EXE application selectively to a group of user.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question