Hi Bruce,

Can you find the object using ADSIEDIT? There are three places you should check for the DNS zone. You've already checked DomainDNSZones, so that leaves the domain partition and the ForestDNSZones partition. The domain partition should be in adsiedit by default, but you will need to add ForestDNSZones.

Once you have adsiedit opened, right-click "ADSI Edit" in the left column, then choose "Connect to". Choose "Select or type a Distinguished Name or Naming Context" and enter the dn of your forestdnszones partition in the text box. It should look something like dc=forestdnszones,dc=yourforestroot,dc=com. Change the value of the Name field to ForestDNSZones. Click OK. You should now have the ForestDNSZones partition in the left column.

Expand the left column as follows (I'm using 192.168.1.0 as the network in this example):

(ForestDNSZones) ForestDNSZones > DC=ForestDNSZones,DC=yourforestroot,DC=com > CN=MicrosoftDNS > DC=1.168.192.in-addr.arpa

- OR -

(Domain) Domain > DC=yourdomain,DC=com > CN=System > CN=MicrosoftDNS > DC=1.168.192.in-addr.arpa

Find the duplicate record. Right-click it and choose Properties. Find the distinguishedName attribute and copy/paste the value into a notepad window.

In your response to William King, you indicated that the record reappears immediately when you delete it. Delete the entire record in adsiedit. This should remove the good AND the bad records. Refresh the reverse lookup zone and see if it's truly gone. Get on the machine that currently has the IP address and force registration using "ipconfig /registerdns". Verify, in adsiedit and DNS management, that the record is correct. If everything is correct, keep an eye on it for a few hours and make sure that the bad data doesn't return.

If the bad data does return, you can then plug the record's dn into the "repadmin /showobjmeta" command to find out when the dnsRecord attribute was last modified. Then you can look at the security log on the domain controller to find out who modified that object at that time. It's possible that you're not auditing these objects. If that's the case, then see http://support.microsoft.com/?id=814595 for details on how to enable auditing.

Let us know if this works out for you.

-Andrew

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Clingaman, Bruce
Sent: Wednesday, September 27, 2006 8:33 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DNS entry won't delete

The address field is not editable. If I change the host name, the original entry reappears, then I have two bad entries.

Bruce Clingaman
Information Technology Department
Pensacola Christian College
850.478.8496 ext. 2198
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Hargraves
Sent: Wednesday, September 27, 2006 12:29 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] DNS entry won't delete

Any chance you can edit the setting so that it points to something not in your network? (ex. you have a 10.x.x.x network, so you reset it to be a 192.168.x.x IP)

On 9/26/06, Clingaman, Bruce <[EMAIL PROTECTED]> wrote:

My two DCs are Windows 2003 servers, DNS integrated, Primary. The resilient entries are from Mac OS X clients and one OS X server. The domain name of the entries is from a domain that was renamed.

Bruce Clingaman
Information Technology Department
Pensacola Christian College
850.478.8496 ext. 2198
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Tuesday, September 26, 2006 3:18 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] DNS entry won't delete

Bruce, try the command that Andrew posted and see what results you get.

Other things to check: Are the domains integrated? Primary? How are the reverse and forward zones configured?

I'm surprised to hear the record is not in WINS. I assume then that it's not a Windows server then? What type of server is it? What is the OS?

Al

On 9/26/06, Clingaman, Bruce <[EMAIL PROTECTED]> wrote:

I got "object not found" error. The following script should enumerate all the zones on both my DCs:

=========================================================================
' Print a timestamp, then list the zone containers under DomainDNSZones on each DC.
WScript.Echo Now & vbCrLf

DCs = Array("dc1","dc2")

for i = 0 to UBound(DCs)
    strDN = "CN=MicrosoftDNS,DC=DomainDNSZones,DC=mydomain,DC=int"
    ' Bind to the MicrosoftDNS container on this specific DC.
    set objColl = GetObject("LDAP://" & DCs(i) & "/" & strDN)
    WScript.Echo "Entries in " & DCs(i)
    WScript.Echo String(30, "-")
    EnumColl objColl
    WScript.Echo ""
next

' Echo the name of every child object (zone) in the container.
Sub EnumColl(objColl)
    for each objEntry in objColl
        WScript.Echo objEntry.Name
    next
End Sub
=========================================================================

It does not display all the zones, one of which has the entries in question.

Bruce Clingaman
Information Technology Department
Pensacola Christian College
850.478.8496 ext. 2198
[EMAIL PROTECTED]

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Cace
Sent: Tuesday, September 26, 2006 9:27 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DNS entry won't delete

You can run the following command to see where an update is originating. Then, if you have auditing enabled for that operation, you can check the originating DC to see who made the change.

repadmin /showobjmeta yourdc "dc=recordname,dc=yourzone.com,cn=MicrosoftDNS,dc=DomainDNSZones,dc=yourdomain,dc=com"

Replace yourdc, etc with appropriate values for your domain. For a reverse lookup zone, recordname will be the last octet of the IP address and dc=yourzone.com will be something like dc=2.1.10.in-addr.arpa, where 2.1.10 is the reverse notation of the first three octets of your IP address. Be sure that you have the partition where the zone is stored correct, whether it's DomainDNSZones, ForestDNSZones, or the domain partition.

The dnsRecord attribute is the one that you are interested in.

-Andrew

________________________________

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Clingaman, Bruce
Sent: Tuesday, September 26, 2006 8:19 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] DNS entry won't delete

I have three DNS entries in my Reverse lookup zone that were for static addresses that won't go away. The problem is one of them shares the address and hostname (different domain name, domain was renamed) assigned to another server. When I delete it, it immediately reappears. I am unable to determine what is putting these entries back in. They were for OS X machines, one is a client, the other was a server. The client has been changed to DHCP. The server was reinstalled and given a different IP address. I have a single level domain with two DCs, one is a WINS server, AD/DNS integrated.

List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
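
As an added example that is not part of the original thread: the tracing steps Andrew describes (build the record's DN for each of the three partitions, read the dnsRecord replication metadata, then look in the Security log of the originating DC) written as PowerShell. It assumes a /24 reverse zone, the ActiveDirectory RSAT module, and Windows Server 2008 or later domain controllers with Audit Directory Service Changes enabled (Security event 5136); the function names, yourdc, the DNs and the sample IP address are placeholders.

```powershell
# Added example, not from the thread; function names, yourdc and the DNs are placeholders.
# Assumes a /24 reverse zone, the ActiveDirectory module (RSAT) and DCs that log
# Security event 5136 (Audit Directory Service Changes, Windows Server 2008 or later).

function Get-PtrRecordCandidateDn {
    param([Parameter(Mandatory)][ipaddress]$IPAddress,
          [Parameter(Mandatory)][string]$DomainDn,
          [Parameter(Mandatory)][string]$ForestRootDn)
    $o    = $IPAddress.GetAddressBytes()
    $zone = '{0}.{1}.{2}.in-addr.arpa' -f $o[2], $o[1], $o[0]   # 192.168.1.x -> 1.168.192
    $rdn  = "DC=$($o[3]),DC=$zone"                               # record name = last octet
    # The three places an AD-integrated zone can be stored.
    "$rdn,CN=MicrosoftDNS,DC=DomainDNSZones,$DomainDn"
    "$rdn,CN=MicrosoftDNS,DC=ForestDNSZones,$ForestRootDn"
    "$rdn,CN=MicrosoftDNS,CN=System,$DomainDn"
}

function Get-DnsRecordLastWriter {
    param([Parameter(Mandatory)][string]$RecordDn,
          [Parameter(Mandatory)][string]$Server,
          [int]$WindowMinutes = 5)
    # Same metadata "repadmin /showobjmeta" prints, limited to dnsRecord.
    $meta = Get-ADReplicationAttributeMetadata -Object $RecordDn -Server $Server `
                -Properties dnsRecord -ErrorAction Stop
    if (-not $meta) { return }
    $when = $meta.LastOriginatingChangeTime
    # Originating DC: NTDS Settings DN -> parent server object -> host name.
    $srvDn  = $meta.LastOriginatingChangeDirectoryServerIdentity -replace '^CN=NTDS Settings,', ''
    $origDc = (Get-ADObject -Identity $srvDn -Properties dNSHostName -Server $Server).dNSHostName
    # The audit event is written on the DC where the change originated.
    $events = Get-WinEvent -ComputerName $origDc -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName   = 'Security'; Id = 5136
        StartTime = $when.AddMinutes(-$WindowMinutes)
        EndTime   = $when.AddMinutes($WindowMinutes)
    } | Where-Object { $_.Message.IndexOf($RecordDn, [StringComparison]::OrdinalIgnoreCase) -ge 0 }
    [pscustomobject]@{
        RecordDn = $RecordDn; Version = $meta.Version
        LastChanged = $when; OriginatingDc = $origDc; AuditEvents = $events
    }
}

# Try each partition; the metadata lookup throws for a DN that does not exist.
foreach ($dn in (Get-PtrRecordCandidateDn -IPAddress '192.168.1.25' `
        -DomainDn 'DC=yourdomain,DC=com' -ForestRootDn 'DC=yourforestroot,DC=com')) {
    try   { Get-DnsRecordLastWriter -RecordDn $dn -Server 'yourdc' }
    catch { Write-Warning "No record at $dn" }
}
```

An empty AuditEvents with a populated LastChanged means the change was replicated but not audited on the originating DC, which is the case the KB article linked in the thread addresses.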