I have an issue where records are 'disappearing' from my primary DNS zone. The client records for these devices are static entries. The entries replicate correctly but get randomly removed. I have tracked the edits back to the PDC with auditing. Where do I go from here?
Here is the setup:
- 4 Win7 clients connected through VPN to my domain.
- Three Server 2012R2 DCs; Two at my local site and one on Azure.
- DNS is integrated into Active Directory.
- DNS Scavenging is off.
- "Delete record when stale" is unchecked.
From my searching online I have found an article about disappearing DNS records. Used ASDIEdit to check the Partitions in the Configuration and was able to load the DomainDnsZones and ForestDnsZones as well. I also setup auditing on the DNS entries. This enabled me to track what was making the edits…
Subject:
Security ID: SYSTEM
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x44936
Directory Service:
Name: example.com
Type: Active Directory Domain Services
Object:
DN: DC=computer_name,DC=example.com,cn=MicrosoftDNS,DC=DomainDnsZones,DC=example,DC=com
GUID: DC=computer_name,DC=example.com,CN=MicrosoftDNS,DC=DomainDnsZones,DC=example,DC=com
Class: dnsNode
Attribute:
LDAP Display Name: dNSTombstoned
Syntax (OID): 2.5.5.8
Value: TRUE
Great so I know my DC made the edit. That doesn't tell me why and leaves me stuck. Any suggestions?
Update:
It appears after changing the Zones Dynamic update settings from Unsecure & Secure to Secure only the deletions still occur.
I am looking into the possibility of a replication issue at the moment. When I update the PDC static entry, it replicates fine to the second DC but does not replicate to the DC in a seperate site.
Best Answer
The solution was given in the comments by msemack. The issue was due to the Dynamic Updates setting on the zone set to
Unsecured and Securerather thanSecure only.