Hello,
I have a single domain with 2 DCs, both Server 2008 (not R2). One of my DCs is DHCP server (the only DHCP server in my domain). DHCP is configured to register DNS records on behalf of clients. I've enabled scavenging but am concerned as I've heard of cases where valid DNS records and service folders (i.e. _msdcs) have disappeared completely when enabled.
I've made the following changes to my DHCP and DNS environment:
DNS
- No refresh interval = 3 days
- Refresh interval = 3 days
- scavenging = 7 days
- scavenging enabled on zone and server
DHCP
- DHCP lease = 7 days
- DNS service now runs under a standard account using domain user credentials
- DC is not a member of the DNSUpdateProxyGroup (I've only got a single DHCP server)
I have a couple of questions:
1. How can I be sure that valid records will not be delted by scavenging? Is there a way to predict which records will be deleted by looking at 2501/2502 events?
2. If the DHCP server was using local system to register DNS records and it's not using set credentials does that mean that previously registered records will not be refreshed/renewed/deleted by the DHCP server as the record owner and security was set to the local system account of dhcpserver1 rather than the DHCP user account credentials?
Thanks
I have a single domain with 2 DCs, both Server 2008 (not R2). One of my DCs is DHCP server (the only DHCP server in my domain). DHCP is configured to register DNS records on behalf of clients. I've enabled scavenging but am concerned as I've heard of cases where valid DNS records and service folders (i.e. _msdcs) have disappeared completely when enabled.
I've made the following changes to my DHCP and DNS environment:
DNS
- No refresh interval = 3 days
- Refresh interval = 3 days
- scavenging = 7 days
- scavenging enabled on zone and server
DHCP
- DHCP lease = 7 days
- DNS service now runs under a standard account using domain user credentials
- DC is not a member of the DNSUpdateProxyGroup (I've only got a single DHCP server)
I have a couple of questions:
1. How can I be sure that valid records will not be delted by scavenging? Is there a way to predict which records will be deleted by looking at 2501/2502 events?
2. If the DHCP server was using local system to register DNS records and it's not using set credentials does that mean that previously registered records will not be refreshed/renewed/deleted by the DHCP server as the record owner and security was set to the local system account of dhcpserver1 rather than the DHCP user account credentials?
Thanks
IT Support/Everything