Unable to delete static PTR Record

Hi,

I tried to delete a static PTR record in an AD-integrated zone. However the
record reappears immediately after hitting F5.
The DNS MMC Snap-in doesn' report any error.
I also tried to delete the PTR record via dnscmd /recorddelete. Same
issue... Command completed successfully. no error.

The DNS zone is stored in the domain partition (All domain controllers in
this domain).
It was never changed after updating AD from Windows 2000 to Windows 2003 to
Windows 2008 DCs.

After some research I found out that there was no "dnsNode" object in AD for
this PTR record.

My question is, how can I get rid of this PTR record?

And what are the places where the DNS service on a DC can store its zone
information?
(I thougt that when a DNS zone is configured with the replication option
"All domain controllers in this domain" that all records are stored as
dnsNode objects in the domain partition under
cn=MicrosoftDNS,cn=system,dc=domain,dc=tld ?)

Many thanks in advance for help!
Mario

"Mario" <> wrote in message
news:2B6C9EBC-EA54-4E44-86F4-...
> Hi,
>
> I tried to delete a static PTR record in an AD-integrated zone. However
> the record reappears immediately after hitting F5.
> The DNS MMC Snap-in doesn' report any error.
> I also tried to delete the PTR record via dnscmd /recorddelete. Same
> issue... Command completed successfully. no error.
>
> The DNS zone is stored in the domain partition (All domain controllers in
> this domain).
> It was never changed after updating AD from Windows 2000 to Windows 2003
> to Windows 2008 DCs.
>
> After some research I found out that there was no "dnsNode" object in AD
> for this PTR record.
>
> My question is, how can I get rid of this PTR record?
>
> And what are the places where the DNS service on a DC can store its zone
> information?
> (I thougt that when a DNS zone is configured with the replication option
> "All domain controllers in this domain" that all records are stored as
> dnsNode objects in the domain partition under
> cn=MicrosoftDNS,cn=system,dc=domain,dc=tld ?)
>
> Many thanks in advance for help!
> Mario
>
>
>


What machine or A record does the PTR you are trying to delete match up to?
If it is a DC, it will re-register it. This is default behavior.

If this is a DC, is it multihomed (meaning that it has more than one NIC, IP
address, or has RRAS installed on it)? If so, then it will be registering
every IP.

Elaborate on the record, please, and provide an ipconfig of the machine in
question this PTR is associated to.

Also, depending on the replication scope, it stores it in different parts of
the AD database. The selection you mentioned doesn't follow the selections
available, unless you abbreviated it. I would like to make sure I understand
exactly what you selected. The following are the three repications scope
options:

To choose the ForestDnsZones:
"To all DNS servers in the AD forest example.com"

To choose DomainDnsZones:
"To all DNS servers in the AD domain example.com"

To choose the DomainNC (only for compatibility with Win2000):
"To all domain controllers in the AD domain example.com"

To View the DomainNC partition for DNS records:

[DomainNC]
In ADSI Edit, rt-click ADSI Edit, connect to, in the Connection Point click
on "Well known Naming Context", then in the drop-down box, select "Domain".
Expand DomainNC, then your domain name. Drill down to CN=System. Under that
you will see CN=MicrosoftDNS. You will see any zones that are in the
DomainNC partition under MicrosoftDNS folder.

To view the DomainDnsZones or the ForestDnsZones partitions, follow these
steps:

[ForestDNSZones]
Click Start, click Run, type adsiedit.msc, and then click OK.
In the console tree, right-click ADSI Edit, and then click Connect to.
Click Select or type a Distinguished Name or Naming Context, type the
following text in the list, and then click OK:
DC=ForestDNSZones, DC=contoso, DC=com
In the console tree, double-click DC=ForestDNSZones, DC=contoso, DC=com.
Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should
now be able to view the DNS records which exist in this DNS partition. If
you desire to remove this partition, right-click on contoso.com and then
click Delete.

[DomainDNSZones]
Click Start, click Run, type adsiedit.msc, and then click OK.
In the console tree, right-click ADSI Edit, and then click Connect to.
Click Select or type a Distinguished Name or Naming Context, type the
following text in the list, and then click OK:

DC=DomainDNSZones,DC=contoso,DC=com.
In the console tree, double-click DC=DomainDNSZones,DC=contoso,DC=com
Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should
now be able to view the DNS records which exist in this DNS partition. If
you desire to remove this partition, right-click on contoso.com and then
click Delete.

I have more info on the partitions in my blog in the following link. It more
deals with finding duplicate zone data in the AD database, but you can use
it as a reference.

Using ADSI Edit to Resolve Conflicting or Duplicate AD Integrated DNS zones
http://msmvps.com/blogs/acefekay/arc...dns-zones.aspx


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please
contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.

Ace, thanks for you reply.


The zone is stored in the domainNC via the following option:
To choose the DomainNC (only for compatibility with Win2000):
"To all domain controllers in the AD domain example.com"

Zone name (In DNS Manager under Reverse Lookup Zones):
123.10.in-addr.arpa

via ADSIEDIT:
cn=MicrosoftDNS,cn=System,dc=mydomain,dc=local

It's a STATIC PTR entry from an old network printer.


When opening the PTR record via the DNS Manager, I can see the following
settings:
Host ip address: 10.123.32.161
Full qualified domain name: 123.10.in-addr.arpa
Host name: P060B052.mydomain.local
"Delete this record when it becomes stale" is not checked, since it is a
static record.
Time to live: 1 day

There is no correspondig A record in the forward lookup zone mydomain.local
For info: the forward lookup zone mydomain.local is also stored in the
domainNC.

I try to delete the PTR Record via DNS Manager:
"Do you want to delete the record 10.123.32.161 from the server?"
Hit yes
The record disappears from the screen.

After refreshing the screen via hitting F5 the record 10.123.32.161
reappears!

The same issue when using dnscmd /RecordDelete

When opening ADSIEDIT and navigating to
dc=10.123.in-addr.arpa,cn=MicrosoftDNS,cn=System,dc=mydomain,dc =local
no dnsNode object corresponding to 32.161 can be found.
Analog to other records there it should look like DC=32.161

Restarting the DNS service doesn't change the behavior.
Same issue on a Windows 2003 DC in another site. (Inter-site replication
interval is 30 minutes).
There's no reverse lookup zone stored in the DomainDNSZones or
ForestDNSZones NCs.

Any idea where the information regarding the 10.123.32.161 ghost record may
come from ?



Thanks,
Mario





"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
> "Mario" <> wrote in message
> news:2B6C9EBC-EA54-4E44-86F4-...
>> Hi,
>>
>> I tried to delete a static PTR record in an AD-integrated zone. However
>> the record reappears immediately after hitting F5.
>> The DNS MMC Snap-in doesn' report any error.
>> I also tried to delete the PTR record via dnscmd /recorddelete. Same
>> issue... Command completed successfully. no error.
>>
>> The DNS zone is stored in the domain partition (All domain controllers in
>> this domain).
>> It was never changed after updating AD from Windows 2000 to Windows 2003
>> to Windows 2008 DCs.
>>
>> After some research I found out that there was no "dnsNode" object in AD
>> for this PTR record.
>>
>> My question is, how can I get rid of this PTR record?
>>
>> And what are the places where the DNS service on a DC can store its zone
>> information?
>> (I thougt that when a DNS zone is configured with the replication option
>> "All domain controllers in this domain" that all records are stored as
>> dnsNode objects in the domain partition under
>> cn=MicrosoftDNS,cn=system,dc=domain,dc=tld ?)
>>
>> Many thanks in advance for help!
>> Mario
>>
>>
>>
>
>
> What machine or A record does the PTR you are trying to delete match up
> to? If it is a DC, it will re-register it. This is default behavior.
>
> If this is a DC, is it multihomed (meaning that it has more than one NIC,
> IP address, or has RRAS installed on it)? If so, then it will be
> registering every IP.
>
> Elaborate on the record, please, and provide an ipconfig of the machine in
> question this PTR is associated to.
>
> Also, depending on the replication scope, it stores it in different parts
> of the AD database. The selection you mentioned doesn't follow the
> selections available, unless you abbreviated it. I would like to make sure
> I understand exactly what you selected. The following are the three
> repications scope options:
>
> To choose the ForestDnsZones:
> "To all DNS servers in the AD forest example.com"
>
> To choose DomainDnsZones:
> "To all DNS servers in the AD domain example.com"
>
> To choose the DomainNC (only for compatibility with Win2000):
> "To all domain controllers in the AD domain example.com"
>
> To View the DomainNC partition for DNS records:
>
> [DomainNC]
> In ADSI Edit, rt-click ADSI Edit, connect to, in the Connection Point
> click on "Well known Naming Context", then in the drop-down box, select
> "Domain". Expand DomainNC, then your domain name. Drill down to CN=System.
> Under that you will see CN=MicrosoftDNS. You will see any zones that are
> in the DomainNC partition under MicrosoftDNS folder.
>
> To view the DomainDnsZones or the ForestDnsZones partitions, follow these
> steps:
>
> [ForestDNSZones]
> Click Start, click Run, type adsiedit.msc, and then click OK.
> In the console tree, right-click ADSI Edit, and then click Connect to.
> Click Select or type a Distinguished Name or Naming Context, type the
> following text in the list, and then click OK:
> DC=ForestDNSZones, DC=contoso, DC=com
> In the console tree, double-click DC=ForestDNSZones, DC=contoso, DC=com.
> Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should
> now be able to view the DNS records which exist in this DNS partition. If
> you desire to remove this partition, right-click on contoso.com and then
> click Delete.
>
> [DomainDNSZones]
> Click Start, click Run, type adsiedit.msc, and then click OK.
> In the console tree, right-click ADSI Edit, and then click Connect to.
> Click Select or type a Distinguished Name or Naming Context, type the
> following text in the list, and then click OK:
>
> DC=DomainDNSZones,DC=contoso,DC=com.
> In the console tree, double-click DC=DomainDNSZones,DC=contoso,DC=com
> Double-click CN=MicrosoftDNS, and click the zone (contoso.com). You should
> now be able to view the DNS records which exist in this DNS partition. If
> you desire to remove this partition, right-click on contoso.com and then
> click Delete.
>
> I have more info on the partitions in my blog in the following link. It
> more deals with finding duplicate zone data in the AD database, but you
> can use it as a reference.
>
> Using ADSI Edit to Resolve Conflicting or Duplicate AD Integrated DNS
> zones
> http://msmvps.com/blogs/acefekay/arc...dns-zones.aspx
>
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Please reply back to the newsgroup or forum for collaboration benefit
> among responding engineers, and to help others benefit from your
> resolution.
>
> Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
> MCSA 2003/2000, MCSA Messaging 2003
> Microsoft Certified Trainer
> Microsoft MVP - Directory Services
>
> If you feel this is an urgent issue and require immediate assistance,
> please contact Microsoft PSS directly. Please check
> http://support.microsoft.com for regional support phone numbers.
>

"Mario" <> wrote in message
news:...
> Ace, thanks for you reply.
>
>
> The zone is stored in the domainNC via the following option:
> To choose the DomainNC (only for compatibility with Win2000):
> "To all domain controllers in the AD domain example.com"
>
> Zone name (In DNS Manager under Reverse Lookup Zones):
> 123.10.in-addr.arpa
>
> via ADSIEDIT:
> cn=MicrosoftDNS,cn=System,dc=mydomain,dc=local
>
> It's a STATIC PTR entry from an old network printer.
>
>
> When opening the PTR record via the DNS Manager, I can see the following
> settings:
> Host ip address: 10.123.32.161
> Full qualified domain name: 123.10.in-addr.arpa
> Host name: P060B052.mydomain.local
> "Delete this record when it becomes stale" is not checked, since it is a
> static record.
> Time to live: 1 day
>
> There is no correspondig A record in the forward lookup zone
> mydomain.local
> For info: the forward lookup zone mydomain.local is also stored in the
> domainNC.
>
> I try to delete the PTR Record via DNS Manager:
> "Do you want to delete the record 10.123.32.161 from the server?"
> Hit yes
> The record disappears from the screen.
>
> After refreshing the screen via hitting F5 the record 10.123.32.161
> reappears!
>
> The same issue when using dnscmd /RecordDelete
>
> When opening ADSIEDIT and navigating to
> dc=10.123.in-addr.arpa,cn=MicrosoftDNS,cn=System,dc=mydomain,dc =local
> no dnsNode object corresponding to 32.161 can be found.
> Analog to other records there it should look like DC=32.161
>
> Restarting the DNS service doesn't change the behavior.
> Same issue on a Windows 2003 DC in another site. (Inter-site replication
> interval is 30 minutes).
> There's no reverse lookup zone stored in the DomainDNSZones or
> ForestDNSZones NCs.
>
> Any idea where the information regarding the 10.123.32.161 ghost record
> may come from ?
>
>
>
> Thanks,
> Mario
>
>


Have you tried deleting it within ADSI Edit?

Is it possibly coming from a WINS registration, if using WINS - DNS
integration?

The only other possibility is either there are replication issues, or if you
want to try, choose one of the DC/DNS servers, and change that zone to
non-AD integrated which makes it a Standard zone stored as a test file in
system32\dns on the server you changed it, allow replication to occur across
the infrastructure,
delete the record, check the zone record in system32\dns making sure it is
gone, wait a little while to make sure it doesn't get registered again, then
change the zone back to AD-integrated. If it comes back, then something is
forcing it to register, such as WINS integration.

Ace

I can't try to delete the record via ADSIEDIT because there's no dnsNode
object for that record.
That's my problem.... A dnsNode object doesn't exist but the record appears
in the DNS Manager GUI.
WINS integration is not enabled. And there's no wins record registered with
that IP address.

I'm going to open a premier support ticket...
However, many thanks for your help.

Mario





"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
> "Mario" <> wrote in message
> news:...
>> Ace, thanks for you reply.
>>
>>
>> The zone is stored in the domainNC via the following option:
>> To choose the DomainNC (only for compatibility with Win2000):
>> "To all domain controllers in the AD domain example.com"
>>
>> Zone name (In DNS Manager under Reverse Lookup Zones):
>> 123.10.in-addr.arpa
>>
>> via ADSIEDIT:
>> cn=MicrosoftDNS,cn=System,dc=mydomain,dc=local
>>
>> It's a STATIC PTR entry from an old network printer.
>>
>>
>> When opening the PTR record via the DNS Manager, I can see the following
>> settings:
>> Host ip address: 10.123.32.161
>> Full qualified domain name: 123.10.in-addr.arpa
>> Host name: P060B052.mydomain.local
>> "Delete this record when it becomes stale" is not checked, since it is a
>> static record.
>> Time to live: 1 day
>>
>> There is no correspondig A record in the forward lookup zone
>> mydomain.local
>> For info: the forward lookup zone mydomain.local is also stored in the
>> domainNC.
>>
>> I try to delete the PTR Record via DNS Manager:
>> "Do you want to delete the record 10.123.32.161 from the server?"
>> Hit yes
>> The record disappears from the screen.
>>
>> After refreshing the screen via hitting F5 the record 10.123.32.161
>> reappears!
>>
>> The same issue when using dnscmd /RecordDelete
>>
>> When opening ADSIEDIT and navigating to
>> dc=10.123.in-addr.arpa,cn=MicrosoftDNS,cn=System,dc=mydomain,dc =local
>> no dnsNode object corresponding to 32.161 can be found.
>> Analog to other records there it should look like DC=32.161
>>
>> Restarting the DNS service doesn't change the behavior.
>> Same issue on a Windows 2003 DC in another site. (Inter-site replication
>> interval is 30 minutes).
>> There's no reverse lookup zone stored in the DomainDNSZones or
>> ForestDNSZones NCs.
>>
>> Any idea where the information regarding the 10.123.32.161 ghost record
>> may come from ?
>>
>>
>>
>> Thanks,
>> Mario
>>
>>
>
>
> Have you tried deleting it within ADSI Edit?
>
> Is it possibly coming from a WINS registration, if using WINS - DNS
> integration?
>
> The only other possibility is either there are replication issues, or if
> you want to try, choose one of the DC/DNS servers, and change that zone to
> non-AD integrated which makes it a Standard zone stored as a test file in
> system32\dns on the server you changed it, allow replication to occur
> across the infrastructure,
> delete the record, check the zone record in system32\dns making sure it is
> gone, wait a little while to make sure it doesn't get registered again,
> then change the zone back to AD-integrated. If it comes back, then
> something is forcing it to register, such as WINS integration.
>
> Ace
>
>

"Mario" <> wrote in message
news:B93D4D34-6A0F-4264-B817-...
>I can't try to delete the record via ADSIEDIT because there's no dnsNode
>object for that record.
> That's my problem.... A dnsNode object doesn't exist but the record
> appears in the DNS Manager GUI.
> WINS integration is not enabled. And there's no wins record registered
> with that IP address.
>
> I'm going to open a premier support ticket...
> However, many thanks for your help.
>
> Mario

Ok, sounds good. I thought to try to make the zone a text file to see if it
shows up. Microsoft PSS should be able to help. Please do let us know how
they take care of it and what they believe the cause was.

Thank you,
Ace

of course, I'm going to post the solution here.


"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
> "Mario" <> wrote in message
> news:B93D4D34-6A0F-4264-B817-...
>>I can't try to delete the record via ADSIEDIT because there's no dnsNode
>>object for that record.
>> That's my problem.... A dnsNode object doesn't exist but the record
>> appears in the DNS Manager GUI.
>> WINS integration is not enabled. And there's no wins record registered
>> with that IP address.
>>
>> I'm going to open a premier support ticket...
>> However, many thanks for your help.
>>
>> Mario
>
> Ok, sounds good. I thought to try to make the zone a text file to see if
> it shows up. Microsoft PSS should be able to help. Please do let us know
> how they take care of it and what they believe the cause was.
>
> Thank you,
> Ace
>
>
>

"Mario" <> wrote in message
news:...
> of course, I'm going to post the solution here.
>


Thank you!

Ace,
it was my fault.
Reverse Lookup entries appear in reverse format in AD.
10.123.234.55 appears as 55.234 in zone 123.10.in-addr.arpa.

I found the record, deleted it via ADISEDIT and the record disappeard... :-)

thanks,
Mario


"Ace Fekay [MVP-DS, MCT]" <> wrote in message
news:...
> "Mario" <> wrote in message
> news:...
>> of course, I'm going to post the solution here.
>>
>
>
> Thank you!
>

"Mario" <> wrote in message
news:FC18B8BF-F671-4DE1-ACA3-...
> Ace,
> it was my fault.
> Reverse Lookup entries appear in reverse format in AD.
> 10.123.234.55 appears as 55.234 in zone 123.10.in-addr.arpa.
>
> I found the record, deleted it via ADISEDIT and the record disappeard...
> :-)
>
> thanks,
> Mario

Yes, that's how they show up. Good to hear that you found it and delete it.

Cheers!

Ace