I need to know who has statically set their primary DNS server to a particular IP. I want to demote that DC (Server 2003), and all the DHCP clients are good. I tried: DNSCmd serverName.domainName.com /config /LogLevel 0x1 But got back: DNS Server failed to reset registry property. Status = 13 (0x0000000d) Command failed: ERROR_INVALID_DATA 13 (0000000d) Thanks.

Just open the DNS admin console and turn on debugging (just while you collect enough data). Otherwise a packet capture will do just fine (you can even create a capture filter to only log TCP/UDP 53 traffic). Visit: anITKB.com, an IT Knowledge Base.

Hi mhashemi , Thanks for posting here. Yes, you can acquire and monitor the south address of incoming querying by enabling and configuring DNS debugging feature on server. Using server debug logging options http://technet.microsoft.com/en-us/library/cc776361(WS.10).aspx Thanks. Tiger Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.comPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.