Active Directory CName Records

We have a mix of Windows 2012 and 2016 DCs and have DNS auditing enabled and used by a third-party application for auditing. I have noticed the DCs' CNAME records get added then removed, with the action being requested by the DC the record is for. Is this normal?
compdigit44 Asked:
 
Mahesh (Architect) Commented:
That makes sense and is expected behaviour.
 
arnold Commented:
Which records are being added as CNAMEs? Not sure I can answer based on a general question.
 
ArneLovius Commented:
DCs would usually have A records rather than CNAME records.

There are GUID CNAME records in _msdcs; are these the records that you are referring to?
 
Qlemo (Batchelor, Developer and EE Topic Advisor) Commented:
_msdcs is managed dynamically, so adding and removing entries for services is nothing unusual there.
 
Mahesh (Architect) Commented:
CNAME records contain the DC GUID and should not change unless you demote / promote domain controllers; only the time stamp should get updated from time to time.

Check if you have CNAME records for all DCs, and if you ping them, each of them should resolve to the correct domain controller.
 
compdigit44 (Author) Commented:
Thank you for the feedback, everyone. The CNAME records I am referring to are the DC GUIDs, and I see the timestamps on them as updated today. What I find interesting is that all DCs have static IPs of course, yet the TTL is set to 10 minutes to delete the record when stale. What I am confused by is, if the DCs are not rebooted or otherwise, how and why are the CNAME GUIDs getting updated?
 
Mahesh (Architect) Commented:
Are you saying that the GUIDs are changing?

Expiring TTL would only change the caching period, but the record would not get stale
OR
are you saying that the scavenging period is set to 10 minutes only?
In that case, change the scavenging period to at least one day and check, else you may lose other important records as well due to the low scavenging period.
 
arnold Commented:
A TTL of 10 minutes is there to handle the case where the DC becomes unavailable. You do not want a "stale" record for a DC, i.e. you are updating it or it crashed; you want it excluded as soon as possible....
 
compdigit44 (Author) Commented:
I need to confirm that the GUIDs are not changing, but I am 95% certain it is only the DNS record getting refreshed.
Question has a verified solution.
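
One way to run the check suggested in the thread (a GUID CNAME exists for every DC and resolves to the correct domain controller), as an added example that is not from any of the participants. It assumes the RSAT ActiveDirectory module, a domain-joined host, and that the default resolver can see the forest's `_msdcs` records.

```powershell
# Added example: compare each DC's DSA GUID in AD with its GUID CNAME under _msdcs.
# Assumes the ActiveDirectory (RSAT) and DnsClient modules are available.
Import-Module ActiveDirectory

$forest     = Get-ADForest
$forestRoot = $forest.RootDomain      # GUID CNAMEs are registered under _msdcs.<forest root>

# Enumerate the domain controllers of every domain in the forest
$dcs = foreach ($domain in $forest.Domains) {
    Get-ADDomainController -Filter * -Server $domain
}

$results = foreach ($dc in $dcs) {
    # The CNAME label is the objectGUID of the DC's NTDS Settings object (the DSA GUID)
    $dsaGuid = (Get-ADObject -Identity $dc.NTDSSettingsObjectDN).ObjectGUID
    $alias   = '{0}._msdcs.{1}' -f $dsaGuid, $forestRoot

    # Query DNS only (no LLMNR/NetBIOS fallback) and keep the CNAME answer
    $cname = Resolve-DnsName -Name $alias -Type CNAME -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'CNAME' } |
        Select-Object -First 1

    # Missing: no record registered; Mismatch: alias points at a different host name
    $status = if (-not $cname) {
        'Missing'
    } elseif ($cname.NameHost.TrimEnd('.') -ne $dc.HostName) {
        'Mismatch'
    } else {
        'OK'
    }

    [pscustomobject]@{
        DC      = $dc.HostName
        DsaGuid = $dsaGuid
        CnameTo = $cname.NameHost
        TTL     = $cname.TTL
        Status  = $status
    }
}

$results | Format-Table -AutoSize
```

If `DsaGuid` and `CnameTo` are identical between two runs taken either side of an add/remove pair in the DNS audit log, the GUID itself has not changed.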