Demoted 2003R2 DC SRV record still listed in DNS

Tags: domain-name-system, srv-record, windows-server-2003-r2, windows-server-2008-r2

Yesterday I demoted a 2003R2 DC (but forgot to remove the DNS role), removed it from the domain, changed its IP address and shut it down. Everything went pretty well (minus a host of authentication issues across the domain until I added the old IP for this DC to its replacement 2008R2 DC) but I'm still seeing four SRV records in DNS for this DC. DNS is still showing _ldap SRV records for DC1, one each under:
DomainDNSZones->_sites->Default-First-Site-Name->_tcp
DomainDNSZones->_tcp
ForestDNSZones->_sites->Default-First-Site-Name->_tcp
ForestDNSZones->_tcp

DC1 is not listed under any other zone including _msdcs.

Can I simply delete these _ldap SRV records for the demoted DC?

Best Answer

This might be indicative of a replication problem in your environment. You should use repadmin and dcdiag to make sure that there aren't replication problems. If there aren't, you might consider using ntdsutil to do a metadata cleanup since it sounds like the demotion might not have happened cleanly despite the wizard's completion.

In all likelihood, you are safe to just delete the offending SRV records, but they may be the tip of the iceberg for a larger problem. Better safe than sorry.
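A read-only way to run the checks mentioned in the answer before deleting anything, as an added example that is not part of the original question or answer. The domain, DC and DNS server names are placeholders, and a single-domain forest is assumed so that ForestDnsZones sits under the same DNS name.

```powershell
# Added example: read-only checks, nothing is deleted or modified.
# All names below are placeholders (assumptions); replace with your own.
$Domain     = 'example.local'            # AD domain, assumed to also be the forest root
$DemotedDc  = 'dc1.example.local'        # FQDN of the demoted DC
$DnsServers = @('dc2.example.local')     # every DNS server that hosts the zone
$Site       = 'Default-First-Site-Name'

# The four _ldap SRV owner names listed in the question.
$SrvNames = @(
    "_ldap._tcp.${Site}._sites.DomainDnsZones.$Domain",
    "_ldap._tcp.DomainDnsZones.$Domain",
    "_ldap._tcp.${Site}._sites.ForestDnsZones.$Domain",
    "_ldap._tcp.ForestDnsZones.$Domain"
)

function Find-StaleSrv {
    param([string[]]$Names, [string]$Target, [string[]]$Servers)
    foreach ($server in $Servers) {
        foreach ($name in $Names) {
            # nslookup prints one "svr hostname = <fqdn>" line per SRV record.
            $out   = nslookup -type=SRV $name $server 2>$null
            $hosts = $out | Select-String 'svr hostname\s*=\s*(\S+)' |
                     ForEach-Object { $_.Matches[0].Groups[1].Value.TrimEnd('.') }
            if ($hosts -contains $Target) {
                New-Object PSObject -Property @{
                    DnsServer = $server; Record = $name; StaleTarget = $Target
                }
            }
        }
    }
}

# 1. Replication health: any failures here should be fixed before touching DNS.
repadmin /replsummary
dcdiag /test:Replications
dcdiag /test:DNS

# 2. Is the demoted DC still known to the domain? If it is listed,
#    the demotion left metadata behind (the ntdsutil case in the answer).
nltest /dclist:$Domain

# 3. Which DNS servers still hand out the demoted DC in the four SRV records?
Find-StaleSrv -Names $SrvNames -Target $DemotedDc -Servers $DnsServers |
    Format-Table DnsServer, Record, StaleTarget -AutoSize
```

If step 3 returns rows on some DNS servers but not others, that difference itself points at replication of the DNS application partitions rather than at the records alone.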
