Author
13 Nov 2006 9:26 PM
cswarr
When do (Windows 2003) domain controllers remove their DNS records?  For
instance, if a DC crashes and is offline for some period of time, when do the
DNS records get removed?  Is it solely dependent on the TTL of the records? 
Does a DC ever de-register its records for any reason?  Thanks.

Author
13 Nov 2006 10:10 PM
Jorge de Almeida Pinto [MVP - DS]
Have a look at DNS Aging/Scavenging:
http://technet2.microsoft.com/WindowsServer/en/library/20fbbd82-0cea-4a74-9634-fdd993f4c4f41033.mspx?mfr=true
http://technet2.microsoft.com/WindowsServer/en/library/cf67e637-a239-4d79-b822-55334f052e4d1033.mspx?mfr=true
http://www.myitforum.com/articles/16/view.asp?id=6287
--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
Author
14 Nov 2006 5:12 AM
Herb Martin
"cswarr" <csw***@discussions.microsoft.com> wrote in message
news:F6C0ECF6-E6DC-455D-BD03-50130546AE3E@microsoft.com...
> When do (Windows 2003) domain controllers remove their DNS records?  For
> instance, if a DC crashes and is offline for some period of time, when do
> the
> DNS records get removed?

Read Jorge's answer in this thread but I am
going to answer in a slightly different way
than he did (take your pick or clarify your
real question for us to try again):

DCs do not remove their own DC records from DNS
unless they are properly* DCPromo'd.  *Properly here
means with the other DCs online as well as the DNS
accessible.

DNS servers MAY be set to do scavenging which can
cause a DC's dynamically registered records to be
removed (which can be either a good or bad thing but
tends to be a very bad thing more often than it is
helpful.)

Scavenging is a DNS server function and has nothing
to do with whether the DNS server is also a DC though.

> Is it solely dependent on the TTL of the records?

NONE of this has anything to do with TTL as that is how
long OTHER DNS Servers (or clients) should cache
records owned by this DNS server.

> Does a DC ever de-register its records for any reason?  Thanks.

Yes, it will re-register usually at system Startup or if the
Net Logon service is otherwise restarted for any reason.

DCs, like any other dynamic DNS client, will re-register themselves
after the "NoRefreshInterval" and sometime before "RefreshInterval"
expires if the DNS server is scavenging and enables these values.

What is your real question that is likely buried under
the questions you are asking here in your message?


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
Author
14 Nov 2006 2:12 PM
cswarr
Thanks for the responses.  I do have an underlying reason for this question. 
I have a group that is going to use AD for pass-through authentication. 
However, they need to make some changes to support communication with AD. 
When they make these changes, I want to recommend which DNS record they
should use to refer to the domain.  I wanted to make sure that I tell them to
use the most resilient record for the domain.  What I mean is that I want to
use something that takes advantage of AD's built-in redundancy (ie, if one DC
goes down, AD keeps working).  So, I'd like to make sure that whatever DNS
record I have them use for the domain won't be affected by a DC that may be
offline.  My first instinct was to tell them to use the domain name,
domain.com, because I know that that record contains the IPs of all the DCs
in the domain.  However, that is where my question comes in; if one of the
DCs goes down, does that record get updated so that clients (or
applications in my case) don't get directed to it when they query DNS for the
domain?  Hopefully, I made sense here.

Author
14 Nov 2006 5:38 PM
Herb Martin
"cswarr" <csw***@discussions.microsoft.com> wrote in message
news:E02A907D-23D6-43D0-8F65-281E27FA38B0@microsoft.com...
> Thanks for the responses.  I do have an underlying reason for this
> question.

[I knew that <grin>]

> I have a group that is going to use AD for pass-through authentication.
> However, they need to make some changes to support communication with AD.
> When they make these changes, I want to recommend which DNS record they
> should use to refer to the domain.  I wanted to make sure that I tell them to
> use the most resilient record for the domain.  What I mean is that I want
> to
> use something that takes advantage of AD's built-in redundancy (ie, if one
> DC
> goes down, AD keeps working).  So, I'd like to make sure that whatever DNS
> record I have them use for the domain won't be affected by a DC that may
> be
> offline.

It won't by default.  AD clients work their way through
the DC records until they find a "live one" (This is different
from practically all other client software that uses DNS and
gets "stuck" on any bad ones, e.g., http, ftp etc.)

> My first instinct was to tell them to use the domain name,
> domain.com, because I know that that record contains the IPs of all the
> DCs
> in the domain.

Are you saying that you are doing something outside of normal
DC-client AD authentication but still need a DC?

> However, that is where my question comes in; if one of the
> DCs goes down, does that record get updated so that clients (or
> applications in my case) don't get directed to it when they query DNS for
> the
> domain?

Nope, not necessarily if the server is crashed etc.

> Hopefully, I made sense here.

It is still not clear exactly what you are actually doing....

If you are using normal authentication then it is already
covered but if you are trying to make some other "client
software" more fault tolerant then likely it will need to
include its own custom DNS resolver much as SMTP
servers do....


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
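
The failover behaviour discussed in the reply above, as an added example that is not part of the original thread: a client that walks every address DNS returns for the domain name and skips a DC whose record is still registered but which no longer answers. It assumes the application connects to LDAP on TCP 389; all function names and the 192.0.2.x addresses are constructed for illustration.

```python
import socket

LDAP_PORT = 389  # assumption: the application talks LDAP to the DCs


def resolve_candidates(domain, port=LDAP_PORT, resolver=socket.getaddrinfo):
    """Return every distinct address DNS currently lists for the domain name."""
    seen, ordered = set(), []
    for _fam, _type, _proto, _canon, sockaddr in resolver(
            domain, port, type=socket.SOCK_STREAM):
        if sockaddr[0] not in seen:
            seen.add(sockaddr[0])
            ordered.append(sockaddr[0])
    return ordered


def tcp_probe(address, port=LDAP_PORT, timeout=2.0):
    """True if a TCP connection to the DC succeeds within the timeout."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:
        return False


def pick_live_dc(domain, probe=tcp_probe, resolver=socket.getaddrinfo):
    """Walk the whole record set; return (live_address, skipped_addresses)."""
    skipped = []
    for address in resolve_candidates(domain, resolver=resolver):
        if probe(address):
            return address, skipped
        skipped.append(address)  # still registered in DNS, but not answering
    raise ConnectionError(f"no DC reachable for {domain}; tried {skipped}")


# Constructed sample: three A records for the domain name; the first DC has
# crashed, yet its record is still in the zone because nothing removed it.
def sample_resolver(host, port, type=0):
    return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, port))
            for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.11", "192.0.2.12")]


def sample_probe(address):
    return address != "192.0.2.10"


if __name__ == "__main__":
    print(pick_live_dc("domain.com", sample_probe, sample_resolver))
```

Logging the skipped list gives operations a signal that a record for an unreachable DC is still being served.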
