One DNS record getting deleted

  • Question

  • Hi

    I have two DCs, Windows 2008 R2 and 2012 R2. The DNS record for one member server, a Windows 2008 R2, disappears from time to time.

    Scavenging is enabled on the whole AD DNS zone.

    This record is the only one which seems to be deleted.

    I have tried to create a static DNS record, as the server has a static IP, but this is also getting deleted even when "Delete this record.." is not enabled.

    DNS audit is enabled.


    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          16-11-2018 02:50:46
    Event ID:      4662
    Task Category: Directory Service Access
    Level:         Information
    Keywords:      Audit Success
    User:          N/A
    Computer:      DC2008R2.ADDomainName.local
    An operation was performed on an object.

    Subject :
        Security ID:        ADDomainName\MemberServer$
        Account Name:        MemberServer$
        Account Domain:        ADDomainName
        Logon ID:        0xb241eb

        Object Server:        DS
        Object Type:        dnsNode
        Object Name:        DC=MemberServer,DC=ADDomainName.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ADDomainName,DC=local
        Handle ID:        0x0

        Operation Type:        Object Access
        Accesses:        Write Property
        Access Mask:        0x20
        Properties:        Write Property

    Additional Information:
        Parameter 1:        -
        Parameter 2:        

    First dNSTombstoned = false, then in the same second:

    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          16-11-2018 02:50:52
    Event ID:      5136
    Task Category: Directory Service Changes
    Level:         Information
    Keywords:      Audit Success
    User:          N/A
    Computer:      DC2008R2.ADDomainName.local
    A directory service object was modified.
    	Security ID:		ADDomainName\MemberServer$
    	Account Name:		MemberServer$
    	Account Domain:		ADDomainName
    	Logon ID:		0xb241eb
    Directory Service:
    	Name:	ADDomainName.local
    	Type:	Active Directory Domain Services
    	DN:	DC=MemberServer,DC=ADDomainName.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=ADDomainName,DC=local
    	GUID:	DC=MemberServer,DC=ADDomainName.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ADDomainName,DC=local
    	Class:	dnsNode
    	LDAP Display Name:	dNSTombstoned
    	Syntax (OID):
    	Value:	TRUE
    	Type:	Value Added
    	Correlation ID:	{6ed8c57d-84e4-4f7d-b32e-b90bac0442e6}
    	Application Correlation ID:	-

    To me it seems that "MemberServer" is deleting its own record. But why?

    "Register this connection's addresses in DNS" under IPv4 and IPv6 is also enabled.

    Any ideas how to troubleshoot this?


    Friday, November 16, 2018 9:05 AM
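The correlation the question does by eye, as an added example that is not part of the original post: a Python script that reads event text copied from Event Viewer and counts which account set dNSTombstoned to TRUE on which dnsNode. The function names are hypothetical, and the sample events are constructed (the `OldHost` record and the second and third events are invented for illustration).

```python
import re

# Constructed sample: event text as copied from Event Viewer, trimmed to the
# fields used below. Names follow the post; "OldHost" is invented.
SAMPLE = """\
Log Name:      Security
Date:          16-11-2018 02:50:52
Event ID:      5136
    Account Name:       MemberServer$
    Type:   Active Directory Domain Services
    DN:     DC=MemberServer,DC=ADDomainName.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=ADDomainName,DC=local
    LDAP Display Name:  dNSTombstoned
    Value:  TRUE
    Type:   Value Added
Log Name:      Security
Date:          17-11-2018 02:00:03
Event ID:      5136
    Account Name:       DC2008R2$
    DN:     DC=OldHost,DC=ADDomainName.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=ADDomainName,DC=local
    LDAP Display Name:  dNSTombstoned
    Value:  TRUE
    Type:   Value Added
Log Name:      Security
Event ID:      4662
    Account Name:       MemberServer$
"""

def parse_events(text):
    """Split on 'Log Name:' and read each event's 'Key: value' lines into a dict."""
    pairs = re.compile(r"(?m)^[ \t]*([^:\n]+):[ \t]*(.*)$")
    blocks = re.split(r"(?m)^[ \t]*(?=Log Name:)", text)
    # A repeated key keeps its last value: 5136 has two 'Type' lines and the
    # last one is the operation type.
    return [{k.strip(): v.strip() for k, v in pairs.findall(b)} for b in blocks if b.strip()]

def tombstone_writers(text):
    """Count dNSTombstoned=TRUE writes per (account, record name)."""
    counts = {}
    for ev in parse_events(text):
        if (ev.get("Event ID") == "5136" and ev.get("LDAP Display Name") == "dNSTombstoned"
                and ev.get("Value", "").upper() == "TRUE" and ev.get("Type") == "Value Added"):
            key = (ev.get("Account Name", "?"), ev.get("DN", "?").split(",")[0])
            counts[key] = counts.get(key, 0) + 1
    return counts

if __name__ == "__main__":
    for (account, node), n in sorted(tombstone_writers(SAMPLE).items()):
        print(f"{account} set dNSTombstoned=TRUE on {node}: {n} time(s)")
```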

All replies