Active Directory CName Records

We have a mix of Windows 2012 and 2016 DC's and have DNS auditing enabled and used by a third party application for auditing. I have noticed the DC's CNAME record get added then removed with the action being request by the DC the record is for. Is this normal?
LVL 21
compdigit44Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Which records are being added as CNAMES, not sure I can answer based on a general question.
0
ArneLoviusCommented:
DC's would usually have A records rather than CNAME records

There are GUID CNAME records in _msdcs, are there the records that you are referring to ?
1
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
_msdcs is managed dynamically, so adding and removing entries for services is nothing unusual there.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

MaheshArchitectCommented:
CNAME records contains DC GUID and should not change unless you demote / promote domain controllers, only time stamp should get updated time to time

Check if you have CNAME records for all DCs and if you ping them, each of them should be able to resolve to correct domain controller
0
compdigit44Author Commented:
Thank you for the feedback everyone. The CNAME records I am referring to are the DC GUID's and to see the timestamps on the as updated today. What I find interesting is that all DC's have static IP's of course yet the TTL is set to 10 minutes to delete the record when stall. What I am confused by is if the DC's are not reboot or another how are why are the CNAME GUID's getting updated?
0
MaheshArchitectCommented:
Are u saying that GUID'S ARE. CHANGING ?

Expiring TTL WOULD only change caching period but record would not get stale
OR
are u saying that scavenging period is set to 10 minutes only?
In that case change scavenging period to at least one day and check else u may lose other important records as well due to low scavenging period
0
arnoldCommented:
TTL of 10 minutes to handle should the DC become unavailable. you do not want a "stale" record for a DC i.e. you are updating it or it crashed, you want it excluded as soon as possible....
0
compdigit44Author Commented:
I need to confirm that GUID are not change but 95% certain it is only the DNS record getting refreshed
0
MaheshArchitectCommented:
That's make sense and expected behaviour
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2016

From novice to tech pro — start learning today.