• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

DNS Scavenging on All Domain Controllers? or Not?

I have 8 Domain Controllers with the DNS role around the state and want to enable DNS Scavenging, but can't find any answers as to...

1. Is it best practice to enable on all DC's, or just on your PDC and have it replicate out to the others? Need advice...
0
idocinfo
Asked:
idocinfo
3 Solutions
 
diperspCommented:
Having it on your PDC is just fine.  No reason for all DCs to do the work when one can and push the changes out.
0
 
DarinTCHSenior CyberSecurity EngineerCommented:
btw - whAT OS

actually 'BEST Practice' is just the one server

disable on all others then play by zone

here is an older MS article mentioning that same point

https://blogs.technet.microsoft.com/networking/2008/03/19/dont-be-afraid-of-dns-scavenging-just-be-patient/

and one of our older posts for Best Practices

https://www.experts-exchange.com/questions/21349818/Best-Practice-for-enabling-Scavenging-of-DNS.html
0
 
Ganesamoorthy STech LeadCommented:
Not all DNS servers are Scavenging servers, you can configure/promote DNS server to Scavenging servers, this can be PDC or any one DC with good health

http://www.windowstricks.in/windows-dns-scavenging-interview-questions-answers
0
 
idocinfoAuthor Commented:
Thanks...this helps greatly!
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now