Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here


DNS records from 3 years ago

DNS records from 3 years ago

DNS records from 3 years ago

I have a virtual DC that I promoted on my domain, then moved to an isolated network for testing. I deleted that domain DNS zone, restarted the netlogon service, then checked DNS again. What happened was the entire zone was populated with DNS records from years ago, back when we were on the 192.168 addressing scheme. I checked c:\Windows\System32\DNS and the files there are related to our current addressing scheme, not the 192. What I am wondering is where this information came from. The backup DNS file is current to our infrastructure, so I don't know where else this info can come from. Maybe I'm missing something, but searches on Google show no other location where this could be stored. Does anyone know where else this info could have come from?

RE: DNS records from 3 years ago

is that server still configured to replicate from other known NS servers?  Do you have any other DNS servers accessible to this test box that would hold this info?

also, was this an Integrated AD DNS zone?  This info is stored in the safety of AD and would possibly still have cached information within your AD...not in the System32/DNS folder.  

run an ipconfig /displaydns and see if the records are there.  if so do an ipconfig /flushdns on that server.

I hope any help I give leads to great successes.

RE: DNS records from 3 years ago

I have totally isolated this server so it is pulling the info from itself. It is an AD-integrated zone. Ipconfig /displaydns showed some entries, but none indicated anything on the 192. They referred to hostnames and local loopback address. After clearing DNS I only get response from the loopback address. So how would I query AD to find this orphaned information?

RE: DNS records from 3 years ago

I just ran an LDAP query on Active Directory and I am finding that all of these servers exist in AD, even though they are not visible through any of the common tools. So the information was pulled from AD obviously, but the question remains why is this info still in AD? We have no sites that refer to this and no computer/DC objects that match the results.  

RE: DNS records from 3 years ago

you said: DC that I promoted on my domain, then moved to an isolated network for testing

It was replicated before the move when it became a DC.  Then it sounds like you move it to Test; but the information would remain.  Then without any further replications...the data is never removed.  May need to turn on scavenging old records in DNS...maybe that will help.

I hope any help I give leads to great successes.

RE: DNS records from 3 years ago

What I am trying to do is test how things would occur on my domain, without actually making changes to the domain. We have a bunch of service/site records missing from the domain dns zone, but the forest zone contains these records. I am trying to figure why these entries are missing from domain.com/_msdcs but they exist on the _msdcs.domain.com zone and what i would need to do to fix them. One document I was reading suggested to delete the domain.com zone, restart netlogon to have this recreated from backup. I wanted to test what would happen in my production environment, which is why I have isolated this DC. So when I deleted the domain.com dns zone, restarted netlogon, the zone came back but with information from years ago that would blow up my current network if I actually did this. So I checked the %systemroot%\dns\backup folder. These backup files contain information that is correct to my current infrastructure. I don't think scavenging would help in this case because scavenging only works on DNS and all values within production DNS are valid. So I am trying to figure 1) where did the zone information from 3 years ago come from? 2) If it did come from Active Directory, why is Active Directory holding on to this information?  

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close