One of the drawbacks of the multi-master replication model used by Active Directory applications on Windows is that changes replicate quickly, so a small mistake can become a large one in a very short time.
AD-integrated Domain Name System (DNS) zones and records can be corrupted, contain wrong data, or disappear altogether.
Find the deleted DNS record
DNS records can be deleted manually, and some operations, such as demoting a DC or other cleanup that removes objects, can have the same effect. DNS records can also be deleted programmatically. Remember that, like every AD object, a record can be deleted on any DC/DNS server and the deletion is then replicated to all DCs. One way to trace the deletion is to find the deleted object and inspect its replication metadata. The ldp.exe tool built into every DC is very useful for this.
DNS records are stored in AD in a location that depends on the replication scope of the zone: the DomainDnsZones application partition, the ForestDnsZones application partition, or CN=MicrosoftDNS,CN=System in the domain partition. Table 1 lists these locations as LDP displays them. Remember that a given DNS record appears in only one of the three.
Table 1: Replication range location in AD
When objects are deleted they are moved to the Deleted Objects container, shown in Figure 1. A deleted DNS object, however, stays in the partition that holds the other DNS records: in Figure 2, for example, the DNS records are in the DC=DomainDnsZones partition, and that partition has its own Deleted Objects container.
Figure 1: delete an object
Figure 2: DNS record list
Remember: the Deleted Objects container is hidden in ldp.exe by default. To display it, proceed as follows:
In ldp.exe, connect to a DC and bind with administrator credentials.
Open Options > Controls and, in the Load Predefined list, select "Return deleted objects".
Choose View > Tree, enter the domain name (or the DNS partition) as the BaseDN and click OK to refresh the tree.
Expand CN=Deleted Objects,DC=DomainDnsZones,... and the deleted DNS objects are displayed (Figure 3). The record we are interested in here is "DC=_dcdiag_test_record..."; in this example it has been created and deleted many times. Note that the attributes LDP shows in the right pane in Figure 3 do not help on their own; the replication metadata is what tells us where and when the deletion happened.
The repadmin /showobjmeta command displays the replication metadata of an object. Its format is:
repadmin /showobjmeta DCName ObjectDN
In this example we take the ObjectDN from the LDP tool and insert it like this:
C:\Users\olseng> repadmin /showobjmeta wtec-dc4 "dc=_dcdiag_test_record\0ADEL:ba38f888-9314-4ddf-852d-736db6ae181e,cn=deleted objects,dc=domaindnszones,dc=wtec,dc=adapps,dc=hp,dc=com" > dnsdelete.txt
Figure 3: deleted DNS object
The output is redirected to a file to make it easier to work with; Figure 4 shows it. Note the entry enclosed in red: it is the isDeleted attribute, which is set when an object is deleted. The metadata for that attribute shows the GUID of the originating DC and the timestamp of the change. Usually repadmin shows the DC name rather than the GUID; when only the GUID is shown, look it up among the CNAME records of the _msdcs zone in the DNS console, which resolves it to the DC name. Now the time the record was deleted and the DC on which the deletion was performed are obvious, which goes a long way toward solving the mystery of the disappearing record.
Figure 4: output of the deleted DNS record
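The procedure above (search the Deleted Objects container of the right DNS partition, then read the replication metadata of isDeleted) can be scripted. The following is an added example, not code from the original article: it uses the ActiveDirectory and DnsClient PowerShell modules in place of ldp.exe and repadmin. It assumes the RSAT ActiveDirectory module is installed and the caller can read deleted objects; the record and server names in the usage lines are the article's example names and are assumed to exist in the reader's environment.

```powershell
# Added example (not from the original article): find a deleted AD-integrated DNS record and
# report when, and on which DC, it was deleted. Assumes the ActiveDirectory module (RSAT) is
# installed and the caller has read access to the Deleted Objects containers.
Import-Module ActiveDirectory

function Find-DeletedDnsNode {
    param(
        [Parameter(Mandatory)][string] $RecordName,      # e.g. "_dcdiag_test_record"
        [string] $Server = (Get-ADDomainController -Discover -Writable).HostName
    )
    $root = Get-ADRootDSE -Server $Server
    # A record lives in exactly one partition, chosen by the zone's replication scope, and its
    # tombstone stays in that partition's own CN=Deleted Objects container. Search all three
    # with the "return deleted objects" control (-IncludeDeletedObjects), as in LDP.
    $partitions = @(
        "DC=DomainDnsZones,$($root.defaultNamingContext)"
        "DC=ForestDnsZones,$($root.rootDomainNamingContext)"
        "$($root.defaultNamingContext)"          # legacy zones under CN=MicrosoftDNS,CN=System
    )
    foreach ($nc in $partitions) {
        # A tombstone's name is "<record>\0ADEL:<guid>", so match on the prefix.
        Get-ADObject -Server $Server -SearchBase $nc -IncludeDeletedObjects `
            -Filter "objectClass -eq 'dnsNode' -and isDeleted -eq 'TRUE' -and name -like '$RecordName*'" `
            -Properties isDeleted, lastKnownParent, whenChanged
    }
}

function Get-DnsNodeDeletionOrigin {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $DeletedNode,   # output of Find-DeletedDnsNode
        [Parameter(Mandatory)][string] $Server
    )
    process {
        # Equivalent of "repadmin /showobjmeta <DC> <DN>" narrowed to isDeleted: the originating
        # change of that attribute is the deletion itself, stamped with the DC and time it happened on.
        $meta = Get-ADReplicationAttributeMetadata -Server $Server -Object $DeletedNode.DistinguishedName `
            -Properties isDeleted -IncludeDeletedObjects | Select-Object -First 1
        $originatingDc = $meta.LastOriginatingChangeDirectoryServerIdentity
        $dsaGuid       = $meta.LastOriginatingChangeDirectoryServerInvocationId
        # If the originating DC no longer exists in the forest (for example it was demoted), only
        # the GUID is available. Every DC registers a <DSA GUID>._msdcs.<forest root> CNAME, and the
        # invocation ID equals the DSA GUID unless the DC was restored from backup, so the CNAME
        # usually resolves the GUID to a host name, as the article does by hand in the DNS console.
        if ([string]::IsNullOrEmpty($originatingDc)) {
            $forestRoot = (Get-ADForest -Server $Server).RootDomain
            try {
                $originatingDc = (Resolve-DnsName -Name "$dsaGuid._msdcs.$forestRoot" -Type CNAME -ErrorAction Stop).NameHost
            } catch {
                $originatingDc = "<unresolved DSA $dsaGuid>"
            }
        }
        [pscustomobject]@{
            Record         = $DeletedNode.Name -replace '\n.*$'   # strip the "\0ADEL:<guid>" suffix
            Zone           = $DeletedNode.lastKnownParent          # DN of the zone the record belonged to
            DeletedAt      = $meta.LastOriginatingChangeTime
            DeletedOnDc    = $originatingDc
            OriginatingDsa = $dsaGuid
        }
    }
}

# Usage, with the article's example names (assumed to exist in the reader's environment):
# Find-DeletedDnsNode -RecordName '_dcdiag_test_record' -Server 'wtec-dc4' |
#     Get-DnsNodeDeletionOrigin -Server 'wtec-dc4' | Format-Table -AutoSize
```

Because a record that is deleted and recreated repeatedly (as the dcdiag test record is) leaves one tombstone per deletion, the pipeline returns one row per deletion with its own timestamp and originating DC, which is what you need to tell a routine deletion apart from the one you are investigating. Tombstones are only available for the tombstone lifetime (or the deleted-object lifetime when the Recycle Bin is enabled), so the search must be done before they are garbage-collected.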
TechTarget China original content; original article link: http://www.searchsv.com.cn/showcontent_55205.htm