DNS help

I am currently running my primary DNS server on a Windows 2000 server, and I have a Windows 2003 member server running a SQL database. Every month the host entry for the Win 2k3 server disappears, and all my users are shouting at me because the Win 2k3 shares are no longer available. As soon as I re-enter the host record for the server in the primary DNS, the issue is resolved. Has anyone experienced the same issue? If so, how did you overcome it?

Thanks in advance
Passed SNIA - SCSP
Working on VCP4


  • astorrs Member Posts: 3,139
    Have a look at the aging and scavenging setup on each of your DNS servers.

    Quick overview:
  • TechStriker Member Posts: 131
    Thanks astorrs for your quick response, I will study this article and see if this will help me resolve this issue.

  • royal Member Posts: 3,352
    I don't see how scavenging can be the culprit. Static DNS entries have a timestamp of 0 indicating do not scavenge. Since you have been manually adding it back, scavenging wouldn't be deleting it.

    Also, if it was dynamically entered via the client, which would allow it to have a timestamp, which means it could be scavenged, the host record wouldn't be deleted, since the client attempts to re-register every 24 hours, when it boots up, on ipconfig /registerdns, at 50% until lease is expired, and at 87.5% until lease is expired.

    Is there anything in the event viewer around the time it's being deleted?

    You can also try enabling auditing for DNS record deletion. I would link to the site I got the instructions from, but it's flagged as a **** site for some reason. *shrugs*
    1. Enable Directory Service Access auditing in your default Domain Policy:
       - Open domain security policy.
       - Navigate to Local Policies -> Audit Policy.
       - Define "Audit directory service access" for success and failure.
       - Refresh domain policy on all domain controllers.
    2. Enable auditing on the zone:
       - Open AdsiEdit.
       - Navigate to the location of your DNS zone.
       - Right click the zone to audit and choose Properties.
       - Go to the Security tab, click the Advanced button.
       - Select the Auditing tab and click Add.
       - For the user or group, type in Everyone.
       - On the Object tab, select Success and Failure for the following Access types: Write All Properties, Read All Properties, Delete and Delete Subtree.
       - OK out of the policy and refresh the policy again.
    3. When a record is deleted from DNS the following event is logged in the Security Event log:
       Event ID: 566
       Source: Security
       Type: Success
       Category: Directory Service Access
       Description: Will post a message similar to the following:
       Object Name: DC=recordname,DC=domain,DC=domain,CN=System,DC=dcname,DC=domain
       Properties: Write Property Default property set dnsRecord dNSTombstoned
    “For success, attitude is equally as important as ability.” - Harry F. Banks
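The check described in step 3 above, as an added example that is not part of the original posts: it scans a text export of the Security log for Event ID 566 entries whose Properties include both dnsRecord and dNSTombstoned, and reports the record, zone, time and account. The export layout, the Date and Client User Name labels, and all sample values are constructed assumptions.

```python
import re

# Constructed sample export: "Field: value" lines, blank line between events.
# Only Event ID, Object Name and Properties come from the thread; the rest is assumed.
SAMPLE_EXPORT = """\
Date: 2009-03-01 02:00:14
Event ID: 566
Client User Name: DC01$
Object Name: DC=sqlsrv01,DC=corp.example.com,CN=MicrosoftDNS,CN=System,DC=corp,DC=example,DC=com
Properties: Write Property Default property set dnsRecord dNSTombstoned

Date: 2009-03-01 09:12:40
Event ID: 566
Client User Name: SQLSRV01$
Object Name: DC=sqlsrv01,DC=corp.example.com,CN=MicrosoftDNS,CN=System,DC=corp,DC=example,DC=com
Properties: Write Property Default property set dnsRecord
"""

def parse_events(text):
    """Split the export into events; each becomes a dict of field -> value."""
    events = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = dict(line.split(":", 1) for line in block.splitlines() if ":" in line)
        events.append({k.strip(): v.strip() for k, v in fields.items()})
    return events

def split_dn(object_name):
    """Return (record, zone): the first RDN is the record, the DC parts before the first CN form the zone."""
    parts = [p.strip() for p in object_name.split(",")]
    record = parts[0].partition("=")[2]
    zone = []
    for p in parts[1:]:
        if not p.upper().startswith("DC="):
            break
        zone.append(p.partition("=")[2])
    return record, ".".join(zone)

def find_deletions(text):
    """Event 566 writes touching both dnsRecord and dNSTombstoned are deletions; dnsRecord alone is an update."""
    hits = []
    for ev in parse_events(text):
        props = ev.get("Properties", "").split()
        if ev.get("Event ID") == "566" and "dnsRecord" in props and "dNSTombstoned" in props:
            record, zone = split_dn(ev.get("Object Name", ""))
            hits.append({"when": ev.get("Date"), "who": ev.get("Client User Name"),
                         "record": record, "zone": zone})
    return hits

print(find_deletions(SAMPLE_EXPORT))
```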
  • astorrs Member Posts: 3,139
    The reason I suggested it is I have seen cases where the people creating the records set the option to delete them when they get stale because they don't understand what that means. Also I've seen people run scripts (that someone before them created) that age all the records as a part of their operation (thereby converting them to dynamic records not actually associated with the host - so the host can't update them).

    Once you've created the record, go back into its properties and check to see if it's timestamped (you'll need to turn on Advanced view).

    Now with all that, why not delete the static entries and go to the 2003 host and run "ipconfig /registerdns" to have it create it dynamically?
  • royal Member Posts: 3,352
    All good points. Thanks.