Awinish's Tech Blog

Lets get into the journey of learning & Share.!!

DNS Scavenging And Auditing concepts

Posted by Awinish on February 8, 2011

Scavenging is the process that removes stale records from DNS to keep it healthy and fit. Many people are unsure whether it should be enabled at all, and find themselves confused about what scavenging actually is and how it works.

I have seen the question: if I create a static record (a record created manually), will that static record also be eligible for scavenging? The answer is no. The reason is that when you create a static record, the box "Delete this record when it becomes stale" is unchecked (shown in the figure), which is not the case for records created by the automatic (dynamic) registration process.

When any machine is disjoined from the domain, its record is not deleted instantly; instead, its dnsTombstoned attribute is changed to TRUE and the record is removed from the DNS server's in-memory cache. The scavenging process starts at 2AM every day and checks whether the dnsTombstoned value is set for deletion.
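As an added example (not code from the original post), the following PowerShell script audits an AD-integrated zone for the two situations described above: it separates static records (no timestamp, so never scavenged) from dynamic ones, flags the dynamic records whose timestamp is older than the zone's NoRefresh + Refresh window, and lists the dnsNode objects already marked dnsTombstoned=TRUE. It assumes the DnsServer and ActiveDirectory RSAT modules, a placeholder zone name, and that the zone is stored in the DomainDnsZones partition.

```powershell
# Added example, not code from the original post. Placeholders: zone name, server name.
param(
    [string]$ZoneName  = 'corp.example.com',   # placeholder zone
    [string]$DnsServer = $env:COMPUTERNAME     # DNS server to query
)
Import-Module DnsServer, ActiveDirectory

# Zone aging settings. A dynamic record becomes eligible for scavenging only when its
# timestamp is older than NoRefreshInterval + RefreshInterval and aging is enabled.
$aging     = Get-DnsServerZoneAging -Name $ZoneName -ComputerName $DnsServer
$threshold = (Get-Date) - ($aging.NoRefreshInterval + $aging.RefreshInterval)

$report = Get-DnsServerResourceRecord -ZoneName $ZoneName -ComputerName $DnsServer |
    Where-Object { $_.RecordType -in 'A', 'AAAA', 'PTR' } |
    ForEach-Object {
        $rec = $_
        $data = switch ($rec.RecordType) {
            'A'    { $rec.RecordData.IPv4Address.IPAddressToString }
            'AAAA' { $rec.RecordData.IPv6Address.IPAddressToString }
            'PTR'  { $rec.RecordData.PtrDomainName }
        }
        # No Timestamp means "Delete this record when it becomes stale" is unchecked:
        # a static (manually created) record, which scavenging never removes.
        $isStatic = -not $rec.Timestamp
        [pscustomobject]@{
            Name        = $rec.HostName
            Type        = $rec.RecordType
            Data        = $data
            Timestamp   = $rec.Timestamp
            Static      = $isStatic
            Scavengable = (-not $isStatic) -and $aging.AgingEnabled -and ($rec.Timestamp -lt $threshold)
        }
    }
$report | Sort-Object Static, Scavengable | Format-Table -AutoSize

# Records removed by a disjoin are not deleted at once: the dnsNode object remains with
# dnsTombstoned=TRUE until the server's cleanup pass. Assumes the zone lives in the
# DomainDnsZones partition (adjust the DN for ForestDnsZones or a domain-partition zone).
$zoneDn = "DC=$ZoneName,CN=MicrosoftDNS,DC=DomainDnsZones," + (Get-ADDomain).DistinguishedName
Get-ADObject -SearchBase $zoneDn -Properties dnsTombstoned, whenChanged `
    -LDAPFilter '(&(objectClass=dnsNode)(dnsTombstoned=TRUE))' |
    Select-Object Name, whenChanged
```

Run it on a DNS server or a management host with RSAT; the Scavengable column shows what the next scavenging pass would remove once the zone's aging window has elapsed.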

DNS Scavenging internals (or what is the dnsTombstoned attribute) for AD Integrated zones

http://blogs.technet.com/b/isrpfeplat/archive/2010/09/23/dns-scavenging-internals-or-what-is-the-dnstombstoned-attribute-for-ad-integrated-zones-dstombstoneinterval-dnstombstoned.aspx

Don’t be afraid of DNS Scavenging. Just be patient

http://blogs.technet.com/b/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx

It Takes Two–DNS scavenging

http://blogs.technet.com/b/dougga/archive/2012/02/09/it-takes-two-dns-scavenging.aspx

How to enable auditing of records creation, modification or deletion in DNS?

The reason given above also explains why DNS records are not deleted immediately: the dnsTombstoned attribute is set to True or False for later deletion. So, if you plan to rejoin a system to the domain right after it was removed, you need to delete its DNS records manually, along with manually deleting the computer object from ADUC, before joining the system to the domain, or else wait a few hours for the cleanup to complete. Take a look at the link below to know more.

http://blogs.msdn.com/b/anthonw/archive/2006/08/23/715983.aspx

I wanted to point out this wonderful article explaining duplicate DNS zones, well written by Greg. I was pointed to this article by Mike Kline.

Am I Seeing Double? The case of “Multiple copies of the same DNS zone”

http://blogs.technet.com/b/askpfeplat/archive/2012/02/05/am-i-seeing-double-the-case-of-quot-multiple-copies-of-the-same-dns-zone-quot.aspx
