Hi all,
Three of our static DNS entries keep disappearing and we have to keep adding them back in. Sometimes they stay in for 1-2 weeks, sometimes only a few hours. We have many static entries but it is always these same three that give us issues. We are running four Windows 2008 (non-R2) Domain Controllers. Two of these machines are Server Core and the other two are full versions.
I have followed Ace's blog (thanks btw!) about looking for a duplicate zone but I don't think this is the case. So I have turned on DNS auditing. When the record gets deleted it logs EventID 5136 sixteen times:
<REMOVED LOG FOR READABILITY>
From these logs it appears that DC-SERVER3$ is what is deleting these items. Is that a correct assumption? DC-SERVER3 is one of the four domain controllers and is one of two running server core.
I am unsure where to go from here. Any help would be MUCH appreciated. Thanks!