I have a Windows Server 2008 AD Integrated DNS zone across two domain controllers, I have added various CNAMEs pointing to our Build and Dev Web servers to support or continuous integration process.
These CNAME, and the A record for a server vanish over night, not all of them just a small selection usually between 5 and 7 days after they were created.
- No one else in the company has touched the config (only 2 of us have access, I have primary responsibility for managing DNS).
- DNS Scavenging is disabled on both DNS servers.
- There are no error messages or warnings in the Event Logs.
Any ideas, suggestions or solutions appreciated.
I’d still suspect scavenging, personally; those settings have a habit of not working right. The per-zone settings and per-server settings combine to make for some strange behavior.
But, we don’t have to guess at what’s going on. Turn on the
Directory Service Changes security audit category on your domain controllers; more info on how to do this here.
You will then get events in your security log (specifically,
5136 for changes or
5141 for deletions) that communicate exactly who, what, and when the entries were messed with.
Leave a comment
- Cron expression that runs every 5 minutes from 1:30 am – 6:00 am [duplicate]
- Understanding redundant power supplies
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?