thanks for the post matt. i want to quickly separate two things to make sure
that i understand what you are looking for. you mention in your post, 'As
far as I'm aware servers are supposed to re-register their static addresses
every 24 hours, but this doesn't seem to happen...'. this is what i want to
separate.
- statically IPed resources will attempt to register or refresh their
records every 24 hours.
- however, if a static record in dns already exists for that resource,
nothing is likely to happen. here's why. when a record is dynamically
registered, the resource that registered it will be granted write access to
that record so that when a change is necessary, it can update the record
appropriately. this is the behavior that most of us are used to. however,
if a static record is created, there is no write access granted to the
resource for which the static record was created. now, when the statically
IPed resource attempts to dynamically update its dns record, it will be
refused.
this is likely why you are not seeing the static records get updated.
if you want to force all records (including static dns records) to age, you
can use dnscmd /ageallrecords. this will apply the current time as the
timestamp for all records that it applies to. aging all records and then
enabling scavenging on the server will help to clean out those records. one
point of caution, as you know, scavenging is non-discriminatory. if the
record is stale (or aged), scavenging is going to get rid of it even if that
is a critical box for you. it's important to know that your resources are
dynamically updating as desired.
for more information on zones and record registration intervals:
http://cbfive.com/blog/post/Enabling...y-Updates.aspx
--
hth.
/rich
http://cbfive.com
http://cbfive.com/blogs
"Matt Coleman" wrote:
> We have a problem with stale resource records in DNS because scavenging
> wasn't switched on when the domain was created. There are loads of records
> for machines with the same IP address where machines got addresses from DHCP
> but their records weren't deleted when the DHCP lease expired.
>
> I know you can use the 'DNSUpdateProxy' to allow DHCP to update DNS when
> secure updates are enabled but unfortunately the DHCP server is shared across
> two forests, so the built-in group can't be used: the DHCP server issues
> addresses to its own forest (i.e. ForestA) and another forest (ForestB).
> ForestB is the one where scavenging isn't enabled (it is enabled on ForestA).
>
> I have enabled the scavenging options (within ForestB) for a DNS zone
> (AD-integrated) but reset the 'scavenging server' options so that scavenging
> doesn't occur. Because it hasn't run since AD was installed, I don't want it
> to remove records until I'm sure they're stale. As far as I'm aware servers
> are supposed to re-register their static addresses every 24 hours, but this
> doesn't seem to happen as their records are really old too (another reason
> why I don't want to enable scavenging yet). I could disable the 'delete stale
> records' option for servers, but I would rather configure it to automatically
> refresh.
>
> I would be grateful for any assistance, as I would rather not spend the next
> few weeks clearing out DNS!
>
> regards,
>
> Matt Coleman.
>
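
One way to see what scavenging would delete before switching it on, as an added example that is not from either poster: the function below sorts A records into static (no timestamp), fresh and stale, and flags addresses shared by several records. The function name, the zone name `forestb.example`, the 7-day intervals and the sample records are all constructed for illustration.

```powershell
# Added example: function name, zone name and sample records are constructed.
function Get-ScavengeReport {
    param(
        [Parameter(Mandatory)] [object[]] $Records,   # need HostName, IPv4, Timestamp
        [Parameter(Mandatory)] [timespan] $NoRefreshInterval,
        [Parameter(Mandatory)] [timespan] $RefreshInterval,
        [datetime] $Now = (Get-Date)
    )
    # A timestamped record is eligible once both intervals have elapsed.
    $cutoff = $Now - ($NoRefreshInterval + $RefreshInterval)

    # Count A records per address to expose old DHCP leases sharing one IP.
    $perIp = @{}
    foreach ($r in $Records) { $perIp[$r.IPv4] = 1 + [int]$perIp[$r.IPv4] }

    foreach ($r in $Records) {
        $state = if ($null -eq $r.Timestamp) {
            'Static'   # no timestamp: ignored until dnscmd /ageallrecords stamps it
        } elseif ($r.Timestamp -lt $cutoff) {
            'Stale'    # scavenging would delete this record
        } else {
            'Fresh'
        }
        [pscustomobject]@{
            HostName = $r.HostName; IPv4 = $r.IPv4; Timestamp = $r.Timestamp
            State = $state; SharedIp = ($perIp[$r.IPv4] -gt 1)
        }
    }
}

# Constructed sample records; $now is fixed so the result is repeatable.
$now = [datetime]'2024-06-01'
$sample = @(
    [pscustomobject]@{ HostName = 'dc01';   IPv4 = '10.0.0.10'; Timestamp = $null }
    [pscustomobject]@{ HostName = 'pc-old'; IPv4 = '10.0.1.50'; Timestamp = [datetime]'2023-02-11' }
    [pscustomobject]@{ HostName = 'pc-new'; IPv4 = '10.0.1.50'; Timestamp = [datetime]'2024-05-30' }
)
Get-ScavengeReport -Records $sample -NoRefreshInterval '7.00:00:00' `
    -RefreshInterval '7.00:00:00' -Now $now | Format-Table

# Against a live server (DnsServer module), feed it real data instead:
# $aging = Get-DnsServerZoneAging -Name 'forestb.example'
# $recs  = Get-DnsServerResourceRecord -ZoneName 'forestb.example' -RRType A |
#     Select-Object HostName, Timestamp,
#         @{ n = 'IPv4'; e = { $_.RecordData.IPv4Address.IPAddressToString } }
```

Any critical server that shows up as `Stale`, or as `Static` in a zone about to be aged with `dnscmd /ageallrecords`, needs a working dynamic registration before scavenging is enabled.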