I am fairly new to the environment, as i switched my consulting job to an internal job.
The environment was a flat file dns, with one primary DNS server and multiple secondary servers. I move away from the flat file DNS (single master model), to an active directory integrated DNS with multiple DNS zones. So I moved the multiple DNS domains away from the master zone to their own dedicated DNS zones on the domain controllers within their domain.
The Colleagues already warned me that DNS records tend to mysteriously disappear from time to time, but could not find any proof. I checked the usual suspects (scavenging), but that was disabled. 3 weeks back, I splitted the single DNS zone, in multiple DNS zones, where the splitted DNS is pointing to their own dedicated domain controllers. I used following procedure to do it:
http://blogs.technet.com/b/askpfeplat/archive/2013/12/02/how-to-split-and-migrate-child-domain-dns-records-to-a-dedicated-dns-zone.aspx
Since the migration we had several encounters of DNS records which were deleted, some were explainable (wrong ILO settings), but some were not. As i could not explain the deletions, i enabled auditing on DNS to see who or what is responsible for deleting those objects. This morning i was notified that again a records went missing, so I went to inspect the audit logs. To my surprise I saw that my admin account was logged with the record was deleted. Now I did not delete any records, have no scripts running that modify DNS in anyway, and i seriously doubt that my admin account has been compromised. Is there anyone who could explain why records (A records of members servers) are being deleted, although scavenging is disabled?
I have checked the DNS suffix, and verified that it is not set. In which the client uses the active directory domain to which it is a member.
Answers provided are coming from personal experience, and come with no warranty of success. I as everybody else do make mistakes.