Re: What do I do now?

It really depends on the sight, etc... We scavenge daily.

I don't know your company or its background, it would be difficult to tell
you what to specifically do.

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"atomax@xxxxxxxxxxxxx" <atomax@xxxxxxxxx> wrote in message
news:OMgG5pu0IHA.2084@xxxxxxxxxxxxxxxxxxxxxxx

Dear Paul,

Thanks for the tip and reassurance. Looks like we're back on the right
road. Still don't understand how a record for an Exchange server can get
scavenged - you can be sure that not a second goes by that it isn't being
accessed by someone or some blackberry :-)

Are there any recommendations for scavenge settings? We had set the time
for 12 hours, because we're running low on IP addresses in our DHCP scope
and adding a new subnet is a big deal that needs a lot of thought,
planning and infrastructure.

Thanks again for your help. have a great weekend.
Max



I can't tell you how this all happened but I can help give some insight.

1) Do you have dns scavenging enabled. If enabled scavenging can drop
even static records if the "Delete this record when it becomes stale"
check
box is set
2) To reregister your srv records
a) Restart netlogon on a dc they are missing from
b) Run a netdiag /fix on the dc they are missing from

Hope this can get you started, you shouldn't need to reload from a system
state backup

-- Paul Bergson MVP - Directory Services MCTS, MCT, MCSE, MCSA, Security+,
BS CSci 2008, 2003, 2000 (Early Achiever), NT4 http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"atomax@xxxxxxxxxxxxx" <atomax@xxxxxxxxx> wrote in message
news:%2391kCBp0IHA.3920@xxxxxxxxxxxxxxxxxxxxxxx
We just suffered the weirdest problem.

First, a description of our network.
We have a single Windows 2003 domain in 2 sites, both visible in
ADS&S. We
have a total of 5 DCs each of which is also a DNS server, 3 in one
site, 2
in the other. There are 2 GCS in each site. We have 3 Exchange
server, one
backend in each site, and one frontend. Beyond these servers, we
have a
number of Windows servers, some production and some for development
and
testing. We also have a large number of Linux servers, Windows and
Linux
workstations.

All of the Windows and Linux servers, except 1 Windows server
(which uses
DHCP), have static allocated IPs, with A records configured in the
DNS. We
have a number of Windows workstations with fixed IPs, and a small
number
of Windows and Linux boxes that have reserved IPs in the DHCP scope.

Last night ~6:15 PM, the A records of all of the static Windows
servers in
both sites, except for the DCs, disappeared, including all 3 Exchange
servers. The MX records stayed. The CNAMEs also disappeared for those
boxes. None of the Linux boxes losts their A records. We did
notice, after
manually recreating most of the A records, that at least some of
the PTRs
in the reverse zones remained.

Worse, we then found that the Domain subfolders, like -MSDCS DC,
GC, had
each lost its subfolder for one of the sites. We figured we'd need
to do a
restore from backup, but decided to wait a bit, to see what else we
could
find missing.

Well, now a few hours later, the situation has morphed again. The
-MSDCS
DC, GC now have subfolders for both sites again, as far as we know,
without human input. However, in one of the sites, only one of 3
DCs is
showing. In the other site, both DCs appear.

My questions are:
1. What happened? How do manually entered A records simply disappear?
2. Do I manually restore the AD with a backup of a earlier system
state,
in order to retrieve the missing srv records?

Any help will be appreciated

Max




.

Relevant Pages

  • Re: obsolete DNS entries in AD-integrated DNS
    ... It takes 7 days to start unless you right click on the server and select ... MVP - Directory Services ... recommended to only have 1 dns server scavenge for each dns zone to be ... Open DNS Management console> Right-Click the DNS server> Properties. ...
    (microsoft.public.windows.server.active_directory)
  • Server 2003 DNS Scavenging
    ... I have a Server 2003 Domain Controller, running DHCP and DNS and I am ... trying to scavenge old PTR records and a few duplicate A records. ... Refresh and 7 Days for scavenge (main Server setting - not for zone) I ...
    (microsoft.public.windows.server.dns)
  • Re: DNS Scavenging
    ... > enabled scavenging in the server properties. ... > to manually scavenge is: "The DNS server has completed a scavenging ... Event ID 2502 after you try to manually scavenge DNS resource records in ...
    (microsoft.public.windows.server.dns)
  • Server 2003 DNS Scavenging
    ... I have a Server 2003 Domain Controller, running DHCP and DNS and I am ... trying to scavenge old PTR records and a few duplicate A records. ... Refresh and 7 Days for scavenge (main Server setting - not for zone) I ...
    (microsoft.public.windows.server.general)
  • Re: Domain contrŅ„ler with branch office.
    ... Windows 2003, however, may provide some benefit here. ... state backup of your existing Windows 2003 DC, bring it to the branch office ... Windows Server - Active Directory ... connected by VPN with 3com firewalls at each end. ...
    (microsoft.public.win2000.active_directory)