Hi all, thank you for your in advance.

I have done some research here and found out we did not have the "Scavenge
the record" on our DNS server so our DNS server have tons of duplicate
addresses with different PC names. By the way we are running AD with secure
only on the DNS.

I have checked the box now. It may make sense all the old duplicate records
still stay there before the point I made change.

Now my questions are...

1.) how do I clean up the old duplicate records? Manually do it?
2.) Can I delete all records at once?? - we have different sites and
different subnet. Would that be a problem to do so?
3.) If I just deleted the duplicate records when a machine is live... would
that affect any network services on the PC?
4.) In turn of Q3, How do I find out which one is live if I should not
delete them?
5.) What about the PTR records (as I seen there are still duplicate there).

Thank you again for all your in advance. Please let me know if my
questions are not clear. My email is ultrabobson@Hotmail.com.

Thank you!

Bobson

"Bobson" <Bobson@discussions.microsoft.com> wrote in message
news:1A5F0E98-16E0-434A-BC0E-4C21449B3179@microsoft.com...
> Hi all, thank you for your in advance.
>
> I have done some research here and found out we did not have the "Scavenge
> the record" on our DNS server so our DNS server have tons of duplicate
> addresses with different PC names. By the way we are running AD with
> secure
> only on the DNS.

"Tons" is that dozens, hundreds, thousands, etc? If only a dozens
it may just not much matter.


> I have checked the box now. It may make sense all the old duplicate
> records
> still stay there before the point I made change.

You have to enable scavening in TWO ways (but the wizard
may you to do both): On each zone to be scavenged AND
on the server as a whole.

> Now my questions are...
>
> 1.) how do I clean up the old duplicate records? Manually do it?

Yes.

> 2.) Can I delete all records at once?? - we have different sites and
> different subnet. Would that be a problem to do so?

No, not if there is no machine using that record. It cannot
matter -- and if there is (a machine using that record) don't
delete the record.

Even if you make a mistake, the next time these machines boot
they will re-register their correct names/addresses.

> 3.) If I just deleted the duplicate records when a machine is live...
> would
> that affect any network services on the PC?

How? You shouldn't have any ACTUAL duplicates of both
name and address, but rather the same name registered at
different addresses OR different addresses used for the same
name (only the latter is an immediate problem) so if you only
delete the incorrect (i.e., stale) records that hurts nothing.

If you make a mistake then no one will be able to reach that
machine by using the DNS name until it re-registers.

> 4.) In turn of Q3, How do I find out which one is live if I should not
> delete them?

Well, you can ping the addresses (in a batch file to automate
it) and delete any that don't answer (assuming you don't have
the ICF firewall set to refuse pings.)

You can use better tools (than ping) such as the free NMap
(from Insecure.org who are actually very nice people).

You can just delete all the dynamic records and reboot or
use "Ipconfig /all" to register only the current, correct
addresses.

> 5.) What about the PTR records (as I seen there are still duplicate
> there).

Mappings from Address back to name -- for internal networks
(not on the Internet, and usually only for SMTP servers) these
are almost irrelevant except for the convenience of the admins.

Give that, I would likely just delete them as it is inconvenient for
an admin to even have to fool with them and they (the correct ones)
will come back on the next boot of the machines.

> Thank you again for all your in advance. Please let me know if my
> questions are not clear. My email is ultrabobson@Hotmail.com.
>

Generally we restrict responses to the news groups so that everyone
can both or benefit from the questions and answers.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

> Thank you!
>
> Bobson
>

Hi
last time that I heard about duplicated records, it wasn't duplicated
records at all, the problem was more that the old records (from demoted
machines) were there and the new ones weren't registring, because someone
changed the password of the Admistrator that was also used to register DHCP
clients in DNS in behalf of those machines.

--
I hope that the information above s you

Good Luck
Jorge Silva
MCSA
Systems Administrator
"Bobson" <Bobson@discussions.microsoft.com> wrote in message
news:1A5F0E98-16E0-434A-BC0E-4C21449B3179@microsoft.com...
> Hi all, thank you for your in advance.
>
> I have done some research here and found out we did not have the "Scavenge
> the record" on our DNS server so our DNS server have tons of duplicate
> addresses with different PC names. By the way we are running AD with
> secure
> only on the DNS.
>
> I have checked the box now. It may make sense all the old duplicate
> records
> still stay there before the point I made change.
>
> Now my questions are...
>
> 1.) how do I clean up the old duplicate records? Manually do it?
> 2.) Can I delete all records at once?? - we have different sites and
> different subnet. Would that be a problem to do so?
> 3.) If I just deleted the duplicate records when a machine is live...
> would
> that affect any network services on the PC?
> 4.) In turn of Q3, How do I find out which one is live if I should not
> delete them?
> 5.) What about the PTR records (as I seen there are still duplicate
> there).
>
> Thank you again for all your in advance. Please let me know if my
> questions are not clear. My email is ultrabobson@Hotmail.com.
>
> Thank you!
>
> Bobson
>

HI Herb,

Thank you for your response! Yeap it is only couple up to 5 for the
duplicate records. "Tons" is little too exaggerated that I have put down.

In fact, when I tried to do a ping... let's say, to a IP which has duplicate
host... It may return a response with a wrong host name (even it is not live)
but from a live PC which has another name.

For this reason, I may have to delete all the duplicates at once even some
of them could still be live...

Thank you very much for your again! Those are very ful to me.

Bobson

"Herb Martin" wrote:

> "Bobson" <Bobson@discussions.microsoft.com> wrote in message
> news:1A5F0E98-16E0-434A-BC0E-4C21449B3179@microsoft.com...
> > Hi all, thank you for your in advance.
> >
> > I have done some research here and found out we did not have the "Scavenge
> > the record" on our DNS server so our DNS server have tons of duplicate
> > addresses with different PC names. By the way we are running AD with
> > secure
> > only on the DNS.
>
> "Tons" is that dozens, hundreds, thousands, etc? If only a dozens
> it may just not much matter.
>
>
> > I have checked the box now. It may make sense all the old duplicate
> > records
> > still stay there before the point I made change.
>
> You have to enable scavening in TWO ways (but the wizard
> may you to do both): On each zone to be scavenged AND
> on the server as a whole.
>
> > Now my questions are...
> >
> > 1.) how do I clean up the old duplicate records? Manually do it?
>
> Yes.
>
> > 2.) Can I delete all records at once?? - we have different sites and
> > different subnet. Would that be a problem to do so?
>
> No, not if there is no machine using that record. It cannot
> matter -- and if there is (a machine using that record) don't
> delete the record.
>
> Even if you make a mistake, the next time these machines boot
> they will re-register their correct names/addresses.
>
> > 3.) If I just deleted the duplicate records when a machine is live...
> > would
> > that affect any network services on the PC?
>
> How? You shouldn't have any ACTUAL duplicates of both
> name and address, but rather the same name registered at
> different addresses OR different addresses used for the same
> name (only the latter is an immediate problem) so if you only
> delete the incorrect (i.e., stale) records that hurts nothing.
>
> If you make a mistake then no one will be able to reach that
> machine by using the DNS name until it re-registers.
>
> > 4.) In turn of Q3, How do I find out which one is live if I should not
> > delete them?
>
> Well, you can ping the addresses (in a batch file to automate
> it) and delete any that don't answer (assuming you don't have
> the ICF firewall set to refuse pings.)
>
> You can use better tools (than ping) such as the free NMap
> (from Insecure.org who are actually very nice people).
>
> You can just delete all the dynamic records and reboot or
> use "Ipconfig /all" to register only the current, correct
> addresses.
>
> > 5.) What about the PTR records (as I seen there are still duplicate
> > there).
>
> Mappings from Address back to name -- for internal networks
> (not on the Internet, and usually only for SMTP servers) these
> are almost irrelevant except for the convenience of the admins.
>
> Give that, I would likely just delete them as it is inconvenient for
> an admin to even have to fool with them and they (the correct ones)
> will come back on the next boot of the machines.
>
> > Thank you again for all your in advance. Please let me know if my
> > questions are not clear. My email is ultrabobson@Hotmail.com.
> >
>
> Generally we restrict responses to the news groups so that everyone
> can both or benefit from the questions and answers.
>
> --
> Herb Martin, MCSE, MVP
> Accelerated MCSE
> http://www.LearnQuick.Com
> [phone number on web site]
>
> > Thank you!
> >
> > Bobson
> >
>
>
>

Hi Jorge,

Thank you to your response (again). Does it mean I need to manually delete
the records for those demoted PC... OR I should be fine now if the "Scavenge
records" is checked in DNS setting?

About the administrator password related factor you mentioned... I am not
sure if it is the major factor to create the duplicates... may you mind if
you could provide some article so I can learn more about what you just
explain?

Thank you again!! I really appreciate all of your s!

Bobson
"Jorge Silva" wrote:

> Hi
> last time that I heard about duplicated records, it wasn't duplicated
> records at all, the problem was more that the old records (from demoted
> machines) were there and the new ones weren't registring, because someone
> changed the password of the Admistrator that was also used to register DHCP
> clients in DNS in behalf of those machines.
>
> --
> I hope that the information above s you
>
> Good Luck
> Jorge Silva
> MCSA
> Systems Administrator
> "Bobson" <Bobson@discussions.microsoft.com> wrote in message
> news:1A5F0E98-16E0-434A-BC0E-4C21449B3179@microsoft.com...
> > Hi all, thank you for your in advance.
> >
> > I have done some research here and found out we did not have the "Scavenge
> > the record" on our DNS server so our DNS server have tons of duplicate
> > addresses with different PC names. By the way we are running AD with
> > secure
> > only on the DNS.
> >
> > I have checked the box now. It may make sense all the old duplicate
> > records
> > still stay there before the point I made change.
> >
> > Now my questions are...
> >
> > 1.) how do I clean up the old duplicate records? Manually do it?
> > 2.) Can I delete all records at once?? - we have different sites and
> > different subnet. Would that be a problem to do so?
> > 3.) If I just deleted the duplicate records when a machine is live...
> > would
> > that affect any network services on the PC?
> > 4.) In turn of Q3, How do I find out which one is live if I should not
> > delete them?
> > 5.) What about the PTR records (as I seen there are still duplicate
> > there).
> >
> > Thank you again for all your in advance. Please let me know if my
> > questions are not clear. My email is ultrabobson@Hotmail.com.
> >
> > Thank you!
> >
> > Bobson
> >
>
>
>

Answers Inline
> Thank you to your response (again). Does it mean I need to manually delete
> the records for those demoted PC... OR I should be fine now if the
> "Scavenge
> records" is checked in DNS setting?
- You can use bot methods

> About the administrator password related factor you mentioned... I am not
> sure if it is the major factor to create the duplicates... may you mind if
> you could provide some article so I can learn more about what you just
> explain?
There's no article for that (not that I know), but assuming that you're
using Windows 2003 DHCP server, you need to provide an user account to the
DHCP server, so that DHCP server register the DNS records in behalf of the
client computers, the problem is that some times the users use the
Administrator account or some account with expiring password, and when that
happens after the Password expires, the DHCP server stops registering the
DNS records, and leaving only those that already were registered, so best
practices would be to create a dedicated account with a non-expire password
to the DHCP.

Note: The Windows 2000 also uses an account that can be changed for security
proposes using the netshell cmd (netsh dhcp server set dnscredentials),
check the links:

Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System
(DNS) on a Domain Controller

http://support.microsoft.com/kb/255134

Using DNS servers with DHCP

http://technet2.microsoft.com/Window....mspx?mfr=true


--
I hope that the information above s you


Good Luck
Jorge Silva
MCSA
Systems Administrator
"Bobson" <Bobson@discussions.microsoft.com> wrote in message
news:6865C127-4CB6-45EA-9190-708EA6D0C185@microsoft.com...
> Hi Jorge,
>
> Thank you to your response (again). Does it mean I need to manually delete
> the records for those demoted PC... OR I should be fine now if the
> "Scavenge
> records" is checked in DNS setting?
>
> About the administrator password related factor you mentioned... I am not
> sure if it is the major factor to create the duplicates... may you mind if
> you could provide some article so I can learn more about what you just
> explain?
>
> Thank you again!! I really appreciate all of your s!
>
> Bobson
> "Jorge Silva" wrote:
>
>> Hi
>> last time that I heard about duplicated records, it wasn't duplicated
>> records at all, the problem was more that the old records (from demoted
>> machines) were there and the new ones weren't registring, because someone
>> changed the password of the Admistrator that was also used to register
>> DHCP
>> clients in DNS in behalf of those machines.
>>
>> --
>> I hope that the information above s you
>>
>> Good Luck
>> Jorge Silva
>> MCSA
>> Systems Administrator
>> "Bobson" <Bobson@discussions.microsoft.com> wrote in message
>> news:1A5F0E98-16E0-434A-BC0E-4C21449B3179@microsoft.com...
>> > Hi all, thank you for your in advance.
>> >
>> > I have done some research here and found out we did not have the
>> > "Scavenge
>> > the record" on our DNS server so our DNS server have tons of duplicate
>> > addresses with different PC names. By the way we are running AD with
>> > secure
>> > only on the DNS.
>> >
>> > I have checked the box now. It may make sense all the old duplicate
>> > records
>> > still stay there before the point I made change.
>> >
>> > Now my questions are...
>> >
>> > 1.) how do I clean up the old duplicate records? Manually do it?
>> > 2.) Can I delete all records at once?? - we have different sites and
>> > different subnet. Would that be a problem to do so?
>> > 3.) If I just deleted the duplicate records when a machine is live...
>> > would
>> > that affect any network services on the PC?
>> > 4.) In turn of Q3, How do I find out which one is live if I should not
>> > delete them?
>> > 5.) What about the PTR records (as I seen there are still duplicate
>> > there).
>> >
>> > Thank you again for all your in advance. Please let me know if my
>> > questions are not clear. My email is ultrabobson@Hotmail.com.
>> >
>> > Thank you!
>> >
>> > Bobson
>> >
>>
>>
>>