A records disappear

[Steve Good]

I have a few A records that just disappear everyonce in a
while. It is always the same servrs. (3 of them) and there
is no set schedule when they disapper sometimes 2 days
some time 4 days. Any suggestions?

 

[Ace Fekay [MVP]]

In

I have a few A records that just disappear everyonce in a
while. It is always the same servrs. (3 of them) and there
is no set schedule when they disapper sometimes 2 days
some time 4 days. Any suggestions?

What sort of records? Forward or reverse records?
Records you created manually or from dynamic updates?
Records for your DC or for client machines?

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Steve Good]

These are forward lookup records. They were originaly
Dynamic records. I have to maunally recreate them each
time they disappear. These records are for non DC servers.

Thanks for the assistance!
Steve

 

[Ace Fekay [MVP]]

In

These are forward lookup records. They were originaly
Dynamic records. I have to maunally recreate them each
time they disappear. These records are for non DC servers.

Thanks for the assistance!

No problem, let's see is we can figure this out.

I'm trying to get a clearer picture of exactly what is being overwritten.
You say they were originally dynamic, and they are from a member server? Are
you re-creating the record using the actual name of the machine or a
different name for the machine, so it shows up as two records under the zone
pointing to the same IP?

Are those member servers still register their own records in conjunction to
the record you are trying to create? If so, the auto process can be
overwriting this record. You can possibly uncheck 'register this connection'
in IP properties, Advanced, DNS tab.



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Direcory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Guest]

These servers were all new servers that were joined to the
domain in the last year. Everything has been normal untill
about the last 6 months. At that time users were unable to
acess the servers. I found that the Forward Lookup Zone
record was gone. So I would just recreate the A record and
then restart DNS and everything would be back to normal.
There is no pattern to when they disappear. Once it is
gone out of DNS it never registers again, I have to
manualy add the FLZ record. Hope that all made sense.

-----Original Message-----
In Steve Good <[email protected]> made a post then I
commented below

No problem, let's see is we can figure this out.

I'm trying to get a clearer picture of exactly what is being overwritten.
You say they were originally dynamic, and they are from a member server? Are
you re-creating the record using the actual name of the machine or a
different name for the machine, so it shows up as two records under the zone
pointing to the same IP?

Are those member servers still register their own records in conjunction to
the record you are trying to create? If so, the auto process can be
overwriting this record. You can possibly

uncheck 'register this connection'

 

[ObiWan]

These servers were all new servers that were joined to the

domain in the last year. Everything has been normal untill

<snip>

Ace; Steve ... maybe this is a silly question, but
did you check if those records have the check
on "delete this record when it becomes stale" ?

Also, the zone is handled by a single DNS or
there's more than one, and in such a case, which
one is "primary" for such zone ?

 

[Ace Fekay [MVP]]

In

Ace; Steve ... maybe this is a silly question, but
did you check if those records have the check
on "delete this record when it becomes stale" ?

Also, the zone is handled by a single DNS or
there's more than one, and in such a case, which
one is "primary" for such zone ?

Good point Obi. That reminds me of something I saw in the past. There was
another poster that had a similar issue, and it was due to the zone being AD
Integrated, but it had a conflict due to replication issues. If the zone is
AD Integrated, I would like Steve to go into ADUC, select Advanced View, and
check for something called MS DNS Services (or similar - don't have a DC in
front of me at the moment) and see if there is an entry for the zone that
starts with "CNF" with a long GUID number after it. If its there, I would
like him to delete that, and also delete any other zones in there, and then
force replication (if there is more than one DC/DNS) and then re-create the
zone.

Ace

 

[Steve Good]

All my records are checked for deletetion when it becomes
stale. Wouldnt this happen to all records then?
Also found nothing with the CNF.

 

[Ace Fekay [MVP]]

In

Also, the zone is handled by a single DNS or
there's more than one, and in such a case, which
one is "primary" for such zone ?

Forgot to answer this one. If the zone is AD Integrated, they are all
"Primary", so to speak and authorative for the zone.

Ace

 

[Ace Fekay [MVP]]

In

All my records are checked for deletetion when it becomes
stale. Wouldnt this happen to all records then?
Also found nothing with the CNF.

I am assuming then you are using scavenging. See if this helps:

http://www.microsoft.com/windows200...elp/sag_DNS_pro_ConfigAgingScavengingNode.htm



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

All my records are checked for deletetion when it becomes
stale. Wouldnt this happen to all records then?
Also found nothing with the CNF.

Yes, it will, but the dynamically created records will get re-registered by
the machines, giving them an updated time stamp. Manually created records
won't get re-registered and won't get a fresh time stamp.

 

[Guest]

Thanks I will look thru the info!

In

I am assuming then you are using scavenging. See if this helps:

http://www.microsoft.com/windows200...elp/sag_DNS_pro_ConfigAgingScavengingNode.htm



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Ace Fekay [MVP]]

In

Thanks I will look thru the info!

Post back with an update after you read thru it please!

Ace

 

[ObiWan]

Also, the zone is handled by a single DNS or

Forgot to answer this one. If the zone is AD Integrated,
they are all "Primary", so to speak and authorative for
the zone.

Yes Ace, sorry for that, I was "side thinking" and posted
an incorrect into .. I was thinking to replication and got
"sidetracked" <grin>

 

[ObiWan]

Yes, it will, but the dynamically created records
will get re-registered by the machines, giving them
an updated time stamp. Manually created records
won't get re-registered and won't get a fresh time stamp.

Ok .. now let's try to follow the above line of thought;
let's assume that at a certain point in time the records
were dynamically created but then for whatever reason
the corresponding machines weren't able anymore to
update them, this in turn would take to disappearding
record and the same will happen (as for the above) to
manually created records .. hmm .. I think we may be
on the right track .. comments/ideas ?

 

[Ace Fekay [MVP]]

In

Ok .. now let's try to follow the above line of thought;
let's assume that at a certain point in time the records
were dynamically created but then for whatever reason
the corresponding machines weren't able anymore to
update them, this in turn would take to disappearding
record and the same will happen (as for the above) to
manually created records .. hmm .. I think we may be
on the right track .. comments/ideas ?

That would be inline to the original complaint.

317590 - HOW TO Configure DNS Dynamic Update in Windows 2000, [How it
relates to Pri DNS Suffix and Append parent Suffix. Also DNSUpdateProxy
Group]:
http://support.microsoft.com/default.aspx?scid=KB;en-us;317590

I would probably assume to uncheck 'register thsi connection' on the client,
ensure Option 081 is set to update if client asks for it, and bump the TTL
manually on the manually created record. This way the record doesn't get
dynamically registered.

There was one other link that I couldn;'t fnd related to this... if I can
find it, I'll post back.

Ace

 

[ObiWan]

That would be inline to the original complaint.

317590 - HOW TO Configure DNS Dynamic Update in Windows 2000, [How it
relates to Pri DNS Suffix and Append parent Suffix. Also DNSUpdateProxy
Group]:
http://support.microsoft.com/default.aspx?scid=KB;en-us;317590

I would probably assume to uncheck 'register thsi connection' on the
client, ensure Option 081 is set to update if client asks for it, and bump
the TTL manually on the manually created record. This way the record
doesn't get dynamically registered.

As a note ... I'd try setting the DNS zone to "allow updates" and not
just "allow secure.." to see if this solves the disappearing records
issue, if that works, then we may investigate about the why the
"secure update" isn't working...

There was one other link that I couldn;'t fnd related to this... if I can
find it, I'll post back.

Hmmm .. I may have something around, will dig and little and
post the link(s) as soon as I'll find them

Regards


--

* ObiWan

Microsoft MVP: Windows Server - Networking
http://mvp.support.microsoft.com
http://italy.mvps.org

 

[Ace Fekay [MVP]]

In

Yes Ace, sorry for that, I was "side thinking" and posted
an incorrect into .. I was thinking to replication and got
"sidetracked" <grin>

:-D

This summer is drawing to a close and I didn't do anything to enjoy any free
time or vacation... Oh well, hope your summer was better!

Ace

 

[Guest]

I have read thru the host of info that has been provided and none of this
just makes sense. All the settings are correct and proper and I still have
the same results. Any harm in Deleting the AD comptuer account and then just
join it? It would keep all my shares and such so I don't see any danger in
that. I even over the weekend delete the manual entry and waited 2 days
hoping the servers would re register and still no luck. This one has me
stumped!. Thanks for all the ecellent support you guys provide!!!

Steve Good

 

[Ace Fekay [MVP]]

In

I have read thru the host of info that has been provided and none of
this just makes sense. All the settings are correct and proper and I
still have the same results. Any harm in Deleting the AD comptuer
account and then just join it? It would keep all my shares and such
so I don't see any danger in that. I even over the weekend delete the
manual entry and waited 2 days hoping the servers would re register
and still no luck. This one has me stumped!. Thanks for all the
ecellent support you guys provide!!!

Steve Good

Now you are saying that it won't re-register? I thought you didn't want it
to reg?

There are a couple things that dictate registration:
1. Machine's Primary DNS Suffix (found by rt-clicking My Computer,
Properties, Name tab) has to be set to the zone name.
2. Updates set to yes
3. Only using that specific internal DNS server.
4. The 'register this connection' checkbox is checked.

If you want to disjoing and rejoin the machine, you can give that a try, but
make sure that checkbox stays checked to change domain membership when
membership changes.

Ace