none
SRV records for DCs registering as static instead of ageing records

    Question

  • Some of my DCs in sites are registering their _ldap and _kerberos records as aging records (which is desired), while others are registering as static automatically.

    An example:
    _ldap._tcp.SiteA._sites.MyDomain will be registered as Static while
    _kerberos._tcp.SiteA._sites.MyDomain will have an aging timestamp for the same DC

    While in sites B, C, D, etc, all records for all DCs both _ldap and _kerberos are aging records.

    But in _tcp._sites.dc._msdcs.MyDomain all _ldap and _kerberos records are Static for All DCs
    and in _tcp.SiteA._sites.dc._msdcs.MyDomain it mirrors the first case (_ldap is static, _kerberos is aging), while Site B all records are aging.

    In _tcp.MyDomain all records are static, as are those in _udp.MyDomain

    I was wondering if anyone could help identify why these would be so inconsistent? If anyone knows of any settings that affect this?
    We'd prefer aging records as during decommissioning of a DC sometimes some records get forgotten and cause problems if not aged/deleted.

    DCs are a mix of 2008r2 and 2012r2. Only one site is populating _ldap as static, all others are aging records. All DCs across all sites are populating the non-site-specific SRVs as static (_tcp.MyDomain, _udp.MyDomain, _tcp._sites.dc._msdcs.MyDomain).

    Steps taken to troubleshoot:
      - Deleted one of the static records, ran dcdiag /fix on the DC affected. DC re-created the record as static
      - Deleted same static record, restarted netlogon service on the DC affected. DC re-created the record as static.

    Any input is greatly appreciated!

    Monday, April 3, 2017 5:04 PM

All replies

  • Hi,
    Please check if DC in site A is running in health, you could run the following command tools to see if we could get more information to help troubleshooting the problem.
    -> DCDIAG /V /C /D /E /s: dcname > c:\dcdiag.log , 
    -> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
    Specially, please check the DNS by running dcdiag /test:dns
    In addition, I know you have restart netlogon service to make records register atomically, however, if possible, I would also suggest you have a try rebooting that DC to see if it works.
    Best regards, 
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 5, 2017 2:06 AM
    Moderator
  • Hi,

    I am checking how the issue is going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, April 10, 2017 2:13 PM
    Moderator
  • Hi,

    Have you ever found a solution to this behavior?

    Tuesday, September 25, 2018 7:32 AM