DNS records disappear after server is rebooted
April 12th, 2012 3:40pm
Hi All,
I have recently started with a small company and they had in the past an issue whereby they attempted to create a trust between two domains (primary Win2003 and secondary Win2008) and after 24 hours it cleared the DNS entries in the primary domain.
They removed the trust to revert it back, but the primary DC still had lost all its DNS records. As a workaround they pointed the DNS to look at another DC in the 2003 domain and it managed to propagate the records.
However, an issue that is now happening is that every time the server is rebooted it loses all its records, and they go through the process:
- set the network adapter DNS IP to another server
- ipconfig /flushdns
- ipconfig /registerdns
- stop and restart the DNS server service
- change the network adapter DNS back to 127.0.0.1
Which seems to propagate all the information back into the server.
But how do I fix this permanently to stop it doing this?
dcdiag /test:DNS
Running enterprise tests on : prd.local
Starting test: DNS
Test results for domain controllers:
DC: dcyit.prd.local
Domain: prd.local
TEST: Basic (Basc)
    The OS Microsoft(R) Windows(R) Server 2003, Standard Edition (Service Pack level: 2.0) is supported.
    NETLOGON service is running
    kdc service is running
    DNSCACHE service is running
    DNS service is running
    DC is a DNS server
    Network adapters information:
    Adapter [00000010] BASP Virtual Adapter:
        MAC address is 00:0D:60:17:EB:76
        IP Address is static
        IP address: 10.72.120.90
        DNS servers:
            127.0.0.1 (DCYIT) [Valid]
    Warning: The A record for this DC was not found [Error details: 10054 (Type: Win32 - Description: An existing connection was forcibly closed by the remote host.) - prd.local]
    No host records (A or AAAA) were found for this DC
    The SOA record for the Active Directory zone was not found
    The Active Directory zone on this DC/DNS server was found primary
    Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
    Recursion is enabled
    Forwarders Information:
        10.72.200.1 (<name unavailable>) [Valid]
TEST: Delegations (Del)
    No delegations were found in this zone on this DNS server
TEST: Dynamic update (Dyn)
    Test record dcdiag-test-record added successfully in zone prd.local
    Test record dcdiag-test-record deleted successfully in zone prd.local
Network Adapter [00000010] BASP Virtual Adapter:
Warning:
Missing CNAME record at DNS server 10.72.120.90:
ade9343d-3661-494d-a832-121a2bc0a3c9._msdcs.prd.local
Warning:
Missing A record at DNS server 10.72.120.90:
dcyit.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.1a1c71ea-e910-4790-981e-079fb244c769.domains._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kerberos._tcp.dc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.dc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kerberos._tcp.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kerberos._udp.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kpasswd._tcp.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.Yeronga._sites.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kerberos._tcp.Yeronga._sites.dc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.Yeronga._sites.dc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_kerberos._tcp.Yeronga._sites.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.gc._msdcs.prd.local
Warning:
Missing A record at DNS server 10.72.120.90:
gc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_gc._tcp.Yeronga._sites.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.Yeronga._sites.gc._msdcs.prd.local
Error:
Missing SRV record at DNS server 10.72.120.90:
_ldap._tcp.pdc._msdcs.prd.local
Error: Record registrations cannot be found for all the network adapters
Summary of DNS test results:
                 Auth Basc Forw Del  Dyn  RReg Ext
_________________________________________________________________
Domain: prd.local
    dcyit        PASS FAIL PASS PASS PASS FAIL n/a
......................... prd.local failed test DNS
April 14th, 2012 8:23am
Hello,
Could you please check the values used for aging and scavenging? Maybe they are too small.
This is how to enable it but check the used values: http://technet.microsoft.com/en-us/library/cc755716%28v=ws.10%29.aspx
Please also proceed like that:
- Choose a healthy DC / DNS server
- Make each DC point to this one as primary DNS server
- Make sure that each DC has one IP address in use and only one NIC card enabled
Once done, run ipconfig /registerdns and restart netlogon on each DC you have.
Also, make sure that public DNS servers are set as forwarders and not in IP settings of DCs.
This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
Microsoft Student Partner 2010 / 2011
Microsoft Certified Professional
Microsoft Certified Systems Administrator: Security
Microsoft Certified Systems Engineer: Security
Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified Technology Specialist: Windows 7, Configuring
Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
April 14th, 2012 8:34am
Hello,
Please remove the internal DNS server 10.72.200.1 as FORWARDER; here you should use the ISP's one, for example, but not domain internal DNS servers.
Also configure the real IP address from the server as preferred DNS and the loopback only as secondary, third one, also recommended from DNS BPA.
If you have more than one domain internal DNS server, configure the secondary with that IP address and as 3rd the loopback IP.
Please post an unedited ipconfig /all from the 2 DCs in your domain so we can verify some basic settings.
Do you use AD integrated DNS zones with secure dynamic updates?
Is the DHCP client service, Windows Server 2003 and lower, or DNS client service, the new OS versions, started and set to automatic on each domain machine?
Also run on each DC ipconfig /flushdns and ipconfig /registerdns and restart the netlogon service.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
April 14th, 2012 8:36am
It's only this one DC server that is having the issue and it happens to be the primary DC in the Active Directory Domain.
Scavenging Period is set to 1 day
Look up Zone Data from Active Directory is set
SOA:
Refresh Interval 15 Minutes
Retry 10 Minutes
Expires 1 day
Minimum TTL 1 Hour
April 14th, 2012 8:40am
Hi,
Please check this:
A. DNS scavenging
Scavenging is the most common culprit when DNS records are missing from DNS zones. Even Windows computers with statically assigned IP addresses (servers) register their records every 24 hours.
Verify that the No Refresh and Refresh intervals are not way too low. For instance, if these values are together less than 24 hours, then you will lose DNS records.
B. DnsAvoidRegisterRecords defined in a GPO
It's related to a code defect where SRV records have been excluded via the DnsAvoidRegisterRecords setting in a group policy object (GPO).
The DNS server used by the client receives record updates once every 5 minutes. The timestamp and the version number of the dnsRecord are constantly being increased. As SRV records are stored in the dnsRecord attribute, a non-linked multi-valued attribute, the DC/DNS receiving the inappropriate updates is always winning the conflict resolution. Some updates are lost while other deleted records mysteriously come back.
C. Conflict mangled DNS zone
Thanks and Regards
Jagadeesh
MCP,MCTS,MCITP |Server Administrator | Systems Engineer
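An added example, not part of the post above: a simplified Python model of DNS aging that shows why No-refresh plus Refresh intervals totalling less than the 24-hour re-registration cycle leave a record eligible for scavenging. It assumes one record created at hour 0 and a client that re-registers exactly every 24 hours; the function names are hypothetical, and these aging intervals are separate settings from the SOA Refresh value.

```python
def stale_windows(no_refresh_h, refresh_h, client_period_h=24, horizon_h=336):
    """Return [(start_h, end_h), ...] during which the record is stale,
    i.e. its timestamp is older than No-refresh + Refresh and a scavenging
    pass would be allowed to delete it."""
    timestamp = 0                       # record first registered at hour 0
    windows = []
    t = client_period_h
    while t <= horizon_h:
        # Refreshes arriving inside the No-refresh interval do not update
        # the timestamp; only later ones do.
        if t >= timestamp + no_refresh_h:
            stale_at = timestamp + no_refresh_h + refresh_h
            if t > stale_at:            # record sat stale until this refresh
                windows.append((stale_at, t))
            timestamp = t
        t += client_period_h
    # Record may also go stale after the last simulated refresh.
    stale_at = timestamp + no_refresh_h + refresh_h
    if stale_at < horizon_h:
        windows.append((stale_at, horizon_h))
    return windows


def exposed_hours(no_refresh_h, refresh_h, **kwargs):
    """Total hours within the horizon in which scavenging could remove it."""
    return sum(end - start for start, end in stale_windows(
        no_refresh_h, refresh_h, **kwargs))


if __name__ == "__main__":
    # 7 days + 7 days, then 4 h + 4 h, then exactly 24 h in total.
    for n, r in [(168, 168), (4, 4), (12, 12)]:
        print(n, r, stale_windows(n, r, horizon_h=72),
              exposed_hours(n, r, horizon_h=72))
```
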
April 14th, 2012 8:41am
It's only this one DC server that is having the issue and it happens to be the primary DC in the Active Directory Domain.
Scavenging Period is set to 1 day
Look up Zone Data from Active Directory is set
SOA:
Refresh Interval 15 Minutes
Retry 10 Minutes
Expires 1 day
Minimum TTL 1 Hour
There is no primary and secondary DCs. All DCs are RW except RODCs.
Please try to set the scavenging Period to 7 and check results.
April 14th, 2012 9:36am