none
Problems static DNS entry Windows Server 2003

    Question

  • Hello togehter,

    we have here in our enviroment problems with DNS.
    We have several establishments with there own DNS and DHCP servers, now we want to integrate DNS scavenging. For thsi step we want to move all of our servers (Windows Server 2003/2008) to static dns entrys.

    What we have done in the last days is to disable the ddns function on the network cards and add an static dns entry for the servers.
    What now happens is that after an few hours this static dns record will be converted to an dynamic one and i dont know who makes this changes.

    in Windows Server 2008 i found out that there is an hotfix available and it seams that on thsi systems the error is gone but we have still this under Windows Server 2003.

    Is it possible that some kind of teaming software makes this changes?
    Are the any special settings in the registry?

    I hope that someone can help me solve this issue. if not i think i should get in contact with the Microsoft support

    Thansk in advance

    Thorsten

    Wednesday, March 21, 2012 7:41 AM

Answers

  • Hi,

    Thanks for your response. This setting can be replicated to all the AD Integrated DNS server as the specfic zone's replication scope. Therefore you just need to change the setting on one of the DNS servers. After that, please wait for the replication and then re-add the static DNS record. The result will be more reliable if the entry is added after the former object is deleted from the ADSIedit.msc

    Best regards,

    Steven Xiao


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by Tiger Li Thursday, March 29, 2012 3:14 AM
    • Marked as answer by Tiger Li Monday, April 02, 2012 8:30 AM
    Wednesday, March 28, 2012 2:33 PM

All replies

  • Hi Thorsten,

    Thanks for posting here.

    Is this DNS zone AD integrated ? and how many DNS server is holding this zone and which OS is running on it ?
    I’m not sure how did we disable DDNS in these windows server clients but could we try to do that with following the steps in the KB article below:

    How to enable or disable DNS updates in Windows 2000 and in Windows Server 2003
    http://support.microsoft.com/kb/246804/

    By verifying the owner of these record could get the account who registered that and also by using auditing feature :

    Tracking DNS Record Deletion
    http://blogs.technet.com/b/networking/archive/2011/08/17/tracking-dns-record-deletion.aspx

    But why we have to set static records for these servers ? cos properly configured DNS scavenging should not affect their records.

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Thursday, March 22, 2012 8:34 AM
  • Hi Tiger Li,

    we have in summary 25 DNS-Server and all zones are AD integrated. The most DNS-servers are Windows Server 2003 (32Bit and 64Bit) but we have also Windows Server 2008R2 DNS-Servers.

    We have this problems basically on the Windows Server 2003 which are also DCs.

    We want do disable DDNS because we have read some articles about problems when scavenging is running and me chief wants this.

    I check both articles and response here if i had any new information!
    What i found out yesterday is that we have in the dns eventlog any notice that there is an duplicate on one dns zone

    After using ASDIedit we have 16 entries that are saying "In Progress..."

    Regards Thorsten

    Thursday, March 22, 2012 9:19 AM
  • Hi

    i have still the problems with my static dns-entries. has anybody an idea what i can do to fix my issue?

    Regards Thorsten

    Monday, March 26, 2012 8:37 AM
  • Hello,

    The static entry can be updated via the dynamic update when the zone type is set to "non-secure and secure". If it is set to "Secure Only", generally only the creater of the record has the permission to change its information.

    What's the current type of the zone that is containing these records, “Secure Only” or “Nonsecure and secure”? To check this:
    On the DNS management console, Right-click the involved DNS ZONE and click properties > Choose General tab > Have a look at “Dynamic updates”
    option.


    Best regards,

    Steven Xiao


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Wednesday, March 28, 2012 2:21 PM
  • Hi Steven,

    we have enabled nonsecure and secure updates! You think this is the problem?

    We have this problem with our dc server which are Windows 2003 and i will check this option

    Thanks a lot for this information

    Wednesday, March 28, 2012 2:27 PM
  • Hi,

    Thanks for your response. This setting can be replicated to all the AD Integrated DNS server as the specfic zone's replication scope. Therefore you just need to change the setting on one of the DNS servers. After that, please wait for the replication and then re-add the static DNS record. The result will be more reliable if the entry is added after the former object is deleted from the ADSIedit.msc

    Best regards,

    Steven Xiao


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by Tiger Li Thursday, March 29, 2012 3:14 AM
    • Marked as answer by Tiger Li Monday, April 02, 2012 8:30 AM
    Wednesday, March 28, 2012 2:33 PM
  • Thanks for your reply since it was very helpfull!
    Wednesday, March 28, 2012 2:49 PM