AD integrated DNS zone invalid NS servers

  • Question

  • I have hundreds of DCs and there are times where NS servers are not properly removed and still exist in the zone record as an NS server. For example, a non-AD-integrated zone that was migrated to AD-integrated holds old NS servers that are not DCs. Is there a way to properly clean these out?

    I'm looking for a way to remove and repopulate, not review each NS server individually, unless that is the only recommended method.

    Wednesday, June 1, 2016 4:05 PM

Answers

  • Hi jLawson23,

    NS records are used to identify which servers hold the DNS role for this zone. They are all designed to register NS records once we install the DNS service on them. You may also need to note that if you have configured the registry to restrict the DNS server from registering NS resource records for authoritative zones, any existing NS resource records for the authoritative zones located on the DNS server are automatically deleted.

    You may check the article below

    http://technet.microsoft.com/en-us/library/cc778831.aspx

    It says "Restrict NS resource record registration".

    1. In Registry Editor, navigate to the following registry key:
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
    2. Add the following REG_DWORD value:
      DisableNSRecordsAutoCreation
    3. Assign a value of 0x1.

    ________________________________________
    Best Regards,
    Cartman
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Thursday, June 2, 2016 2:27 AM

All replies

  • Hi

    You should check this script and give it a try:

    https://blogs.msdn.microsoft.com/muaddib/2013/12/16/how-to-update-the-list-of-name-servers-on-a-dns-zone-with-a-script/


    This posting is provided AS IS with no warranties or guarantees, and confers no rights. Best regards, Burak Uğur

    Wednesday, June 1, 2016 4:17 PM
  • This does not remove bad NS records; it removes NS records put in a file. I need the bad records removed, or all of them removed and the new valid ones regenerated.
    Wednesday, June 1, 2016 5:47 PM
  • Hi,

    Sorry, it seems you have to manually delete it.

    Kind Regards,

    Abhilash

    Wednesday, June 1, 2016 6:07 PM
  • Can you delete them all but one and they will populate back with DC DNS NS servers? Or what happens if you delete a valid DC NS server from the list?

    I don't care about manual removal as long as I don't have to weed through each entry unless that is the only way.

    Wednesday, June 1, 2016 6:10 PM
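
One way to avoid weeding through each entry by hand, as an added example that is not part of the original thread: compare the zone's apex NS records against the current list of domain controllers and report only the mismatches. The zone and server names are placeholders, and the script assumes the ActiveDirectory and DnsServer RSAT modules and that every legitimate name server for the zone is a DC in the current domain.

```powershell
# Added example, not from the thread. Zone and server names are placeholders.
# Assumption: every legitimate name server for the zone is a DC in this domain.
Import-Module ActiveDirectory, DnsServer

$ZoneName  = 'corp.example.com'        # placeholder zone name
$DnsServer = 'dc01.corp.example.com'   # placeholder: a DC that hosts the zone

function ConvertTo-NormalizedName([string]$Name) {
    # NS targets are stored with a trailing dot; compare case-insensitively.
    $Name.TrimEnd('.').ToLowerInvariant()
}

# Host names of all DCs in the current domain.
$validNames = @(Get-ADDomainController -Filter * |
    ForEach-Object { ConvertTo-NormalizedName $_.HostName })

# NS records at the zone apex only ('@'); delegations to child zones are left alone.
$apexNs = @(Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ZoneName -RRType Ns |
    Where-Object { $_.HostName -eq '@' })

# Apex NS records whose target is not a current DC.
$stale = @($apexNs | Where-Object {
    (ConvertTo-NormalizedName $_.RecordData.NameServer) -notin $validNames
})

$stale |
    Select-Object HostName, @{ Name = 'NameServer'; Expression = { $_.RecordData.NameServer } } |
    Format-Table -AutoSize

# Safety check: never let a bad DC lookup strip every NS record from the zone.
if ($validNames.Count -eq 0 -or $stale.Count -ge $apexNs.Count) {
    Write-Warning 'Comparison would remove all NS records; review the DC list first.'
    return
}

# Dry run: -WhatIf prints what would be deleted. Remove -WhatIf after reviewing the list.
foreach ($record in $stale) {
    Remove-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ZoneName `
        -InputObject $record -Force -WhatIf
}
```

If not every DC runs the DNS Server role, narrow `$validNames` to the DCs that do before trusting the report.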