Re: Cannot delete a PTR record, AD integrated DNS

2010-08-09 Thread mb
That seems to have worked, Coleman, thank you.  Needed to have a '.' after 
'arpa' in the command, but the link made that clear.  For anyone's reference, 
the IP on this reverse record was 10.1.1.101, and the command I used to smoke 
it was:

dnscmd /RecordDelete 10.in-addr.arpa. 101.1.1 PTR


Appreciate the assist.




From: Coleman, Hunter 
Sent: Thursday, August 05, 2010 11:17 PM
To: NT System Admin Issues 
Subject: RE: Cannot delete a PTR record, AD integrated DNS


The hotfix only prevents new PTR records from getting created with capital 
letters in the host name. Existing records with that affliction can only be 
deleted with dnscmd.exe, IIRC.

 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Thursday, August 05, 2010 5:17 PM
To: NT System Admin Issues
Subject: RE: Cannot delete a PTR record, AD integrated DNS

 

The KB he linked should be rolled in to 2003 SP1 based on the date. 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c   - 312.731.3132

 

From: Sean Martin [mailto:seanmarti...@gmail.com] 
Sent: Thursday, August 05, 2010 6:05 PM
To: NT System Admin Issues
Subject: Re: Cannot delete a PTR record, AD integrated DNS

 

I think Hunter is on the right track. I seem to recall having to run through a 
similar process for a similar issue.

 

- Sean

On Thu, Aug 5, 2010 at 1:53 PM, Brian Desmond br...@briandesmond.com wrote:

So is the record on all your DCs or just one? Are you sure the reverse zone is 
replicating in the ForestDnsZones NDNC?

What I would suggest doing is turning on auditing for this subtree in AD and 
enabling DS Access auditing and then you can figure out what's causing it to 
get created.


Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132

-Original Message-
From: mb [mailto:midphan12...@gmail.com]

Sent: Thursday, August 05, 2010 4:25 PM
To: NT System Admin Issues

Subject: Re: Cannot delete a PTR record, AD integrated DNS

There is no corresponding A record for this PTR record.  There is however a 
different machine at that IP with A & PTR records, and this ghost PTR record is 
causing a little bit of grief to the folks that manage this other system.
The A record that originally existed for this ghost PTR record, that's been 
gone a couple of years at least.

Was looking for zone files just on a hunch.  I do understand that being AD 
integrated, this is stored in AD, but in my original note I mentioned that I 
used ADSIEdit to look in ForestDNSZones, and this ghost PTR record does not 
exist there.  So it's somehow local to any domain controller (because it 
reappears faster than it could be replicating back), and it's not where it 
should be within the AD database.

I'm missing something.


--
From: Brian Desmond br...@briandesmond.com
Sent: Thursday, August 05, 2010 4:09 PM
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Subject: RE: Cannot delete a PTR record, AD integrated DNS

 There are no zone files there because your zones are stored in AD.

 What's the corresponding A record for this represent?

 Thanks,
 Brian Desmond
 br...@briandesmond.com

 c   - 312.731.3132



 -Original Message-
 From: mb [mailto:midphan12...@gmail.com]

 Sent: Thursday, August 05, 2010 4:07 PM
 To: NT System Admin Issues

 Subject: Re: Cannot delete a PTR record, AD integrated DNS

 This is interesting.

 Checked \system32\dns on a few of our domain controllers, I'm not
 finding any zone files with any data in them.  I haven't checked all
 the domain controllers.  One thing though - on any DC, if I delete
 this record and then immediately refresh the zone, that record is
 right there again, like it's coming from something local or I didn't
 actually delete the record (though I'm not seeing any kind of error dialogue).

 Checked properties on this record.  There's no timestamp, it's a
 static record.  I suppose that means it could never become stale -
 thought about trying the Delete this record when it becomes stale
 checkbox.  Just because I've tried everything I know that makes sense.

 I could interrupt DHCP if I do it late on a weekend night.  And it's
 worth a try.  But I just keep going back to the fact that this record
 reappears instantly, as fast as I can delete/refresh, that record is
 there, on any domain controller (all our DC's are running DNS).  So
 I'm thinking this isn't replicating from another DC or being
 dynamically created from a DHCP server.


 --
 From: Ben Scott mailvor...@gmail.com
 Sent: Thursday, August 05, 2010 2:00 PM
 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
 Subject: Re: Cannot delete a PTR record, AD integrated DNS

 On Thu, Aug 5, 2010 at 2:38 PM, mb midphan12...@gmail.com wrote:

 I've tried through ADSIEdit,
 and interestingly, this record does not exist there.  It does show
 up in the DNS console as a 'static' record, but I'm at a loss where
 it's coming from
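
As an added example (not part of the thread and not written by any of the posters): a Python helper that derives the zone-relative node name used in the `dnscmd /RecordDelete` line from the 2010-08-09 message, and flags PTR targets containing capital letters, the condition Hunter describes. The record lines and host names are constructed sample data, and the script only prints commands for review.

```python
import ipaddress

ZONE = "10.in-addr.arpa."  # reverse zone from the thread, trailing dot included

# Constructed sample in "node PTR target" form, relative to ZONE. Host names are
# invented; it mirrors the thread: a stale all-caps PTR and a valid PTR on one node.
SAMPLE_RECORDS = """\
101.1.1  PTR  OLDFAX.example.local.
101.1.1  PTR  app01.example.local.
7.2.1    PTR  dc02.example.local.
"""


def ptr_node(ip, zone=ZONE):
    """Node name of ip's PTR record, relative to a fully qualified reverse zone."""
    if not zone.endswith("."):
        raise ValueError("zone must end with '.' (fully qualified)")
    fqdn = ipaddress.IPv4Address(ip).reverse_pointer + "."  # 101.1.1.10.in-addr.arpa.
    suffix = "." + zone.lower()  # leading dot forces a match on a label boundary
    if not fqdn.endswith(suffix):
        raise ValueError(f"{ip} does not belong to zone {zone}")
    return fqdn[: -len(suffix)]


def delete_command(node, zone=ZONE):
    """Build the dnscmd line in the same form as the one posted in the thread."""
    return f"dnscmd /RecordDelete {zone} {node} PTR"


def uppercase_ptrs(text):
    """Return (node, target) for PTR lines whose target contains capital letters."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[1].upper() == "PTR" and parts[2] != parts[2].lower():
            hits.append((parts[0], parts[2]))
    return hits


if __name__ == "__main__":
    # Reproduces the command from the thread for 10.1.1.101.
    print(delete_command(ptr_node("10.1.1.101")))
    # The command names only the node and type, so list what sits on the node first.
    for node, target in uppercase_ptrs(SAMPLE_RECORDS):
        print(f"{node} -> {target}: review, then {delete_command(node)}")
```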

Cannot delete a PTR record, AD integrated DNS

2010-08-05 Thread mb
Details - have a PTR record I am unable to get rid of.  I can delete it, 
immediately refresh the zone, and there it is.  The machine name in the 
record is in all caps, which is unusual.  There is no corresponding forward 
record.  This machine has not existed for a long time, was a fax server long 
ago.


All our zones are propagated to all DNS servers in the AD forest.  I've 
tried connecting to several DC's at one time, enumerating that reverse zone, 
deleting the record on all of them.  No help.  I've tried through ADSIEdit, 
and interestingly, this record does not exist there.  It does show up in the 
DNS console as a 'static' record, but I'm at a loss where it's coming from. 
Looked in WINS, nothing there.


Anyone have an idea for me? 



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/  ~


Re: Cannot delete a PTR record, AD integrated DNS

2010-08-05 Thread mb

This is interesting.

Checked \system32\dns on a few of our domain controllers, I'm not finding 
any zone files with any data in them.  I haven't checked all the domain 
controllers.  One thing though - on any DC, if I delete this record and then 
immediately refresh the zone, that record is right there again, like it's 
coming from something local or I didn't actually delete the record (though 
I'm not seeing any kind of error dialogue).


Checked properties on this record.  There's no timestamp, it's a static 
record.  I suppose that means it could never become stale - thought about 
trying the Delete this record when it becomes stale checkbox.  Just 
because I've tried everything I know that makes sense.


I could interrupt DHCP if I do it late on a weekend night.  And it's worth a 
try.  But I just keep going back to the fact that this record reappears 
instantly, as fast as I can delete/refresh, that record is there, on any 
domain controller (all our DC's are running DNS).  So I'm thinking this 
isn't replicating from another DC or being dynamically created from a DHCP 
server.



--
From: Ben Scott mailvor...@gmail.com
Sent: Thursday, August 05, 2010 2:00 PM
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Subject: Re: Cannot delete a PTR record, AD integrated DNS


On Thu, Aug 5, 2010 at 2:38 PM, mb midphan12...@gmail.com wrote:

I've tried through ADSIEdit,
and interestingly, this record does not exist there.  It does show up in 
the
DNS console as a 'static' record, but I'm at a loss where it's coming 
from.


 Check %SystemRoot%\system32\dns\ for any files which might contain
the offending record.  Some vague notion deep in the dusty reaches of
the back of my mind says there's a thing where MS-DNS will
automatically load/merge records from (some of?) those files even if
it's AD integrated.

 Open the MS DNS MMC GUI.  Enable Advanced features (under View
menu).  Select the offending record and bring up properties.  What's
the time stamp?  Is it something recent or wicked old?  Check the
Security tab.  See if there are any funky permissions that might be
restricting things.

  If you can, try stopping your DHCP server service(s) and then
deleting the record, to see if it comes back without DHCP running.
It's the DHCP service which actually issues the DDNS UPDATE command
for AD clients.

-- Ben



Re: Cannot delete a PTR record, AD integrated DNS

2010-08-05 Thread mb
There is no corresponding A record for this PTR record.  There is however a 
different machine at that IP with A & PTR records, and this ghost PTR record 
is causing a little bit of grief to the folks that manage this other system. 
The A record that originally existed for this ghost PTR record, that's been 
gone a couple of years at least.


Was looking for zone files just on a hunch.  I do understand that being AD 
integrated, this is stored in AD, but in my original note I mentioned that I 
used ADSIEdit to look in ForestDNSZones, and this ghost PTR record does not 
exist there.  So it's somehow local to any domain controller (because it 
reappears faster than it could be replicating back), and it's not where it 
should be within the AD database.


I'm missing something.


--
From: Brian Desmond br...@briandesmond.com
Sent: Thursday, August 05, 2010 4:09 PM
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Subject: RE: Cannot delete a PTR record, AD integrated DNS


There are no zone files there because your zones are stored in AD.

What's the corresponding A record for this represent?

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132


-Original Message-
From: mb [mailto:midphan12...@gmail.com]
Sent: Thursday, August 05, 2010 4:07 PM
To: NT System Admin Issues
Subject: Re: Cannot delete a PTR record, AD integrated DNS

This is interesting.

Checked \system32\dns on a few of our domain controllers, I'm not finding 
any zone files with any data in them.  I haven't checked all the domain 
controllers.  One thing though - on any DC, if I delete this record and 
then immediately refresh the zone, that record is right there again, like 
it's coming from something local or I didn't actually delete the record 
(though I'm not seeing any kind of error dialogue).


Checked properties on this record.  There's no timestamp, it's a static 
record.  I suppose that means it could never become stale - thought about 
trying the Delete this record when it becomes stale checkbox.  Just 
because I've tried everything I know that makes sense.


I could interrupt DHCP if I do it late on a weekend night.  And it's worth 
a try.  But I just keep going back to the fact that this record reappears 
instantly, as fast as I can delete/refresh, that record is there, on any 
domain controller (all our DC's are running DNS).  So I'm thinking this 
isn't replicating from another DC or being dynamically created from a DHCP 
server.



--
From: Ben Scott mailvor...@gmail.com
Sent: Thursday, August 05, 2010 2:00 PM
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Subject: Re: Cannot delete a PTR record, AD integrated DNS


On Thu, Aug 5, 2010 at 2:38 PM, mb midphan12...@gmail.com wrote:

I've tried through ADSIEdit,
and interestingly, this record does not exist there.  It does show up
in the DNS console as a 'static' record, but I'm at a loss where it's
coming from.


 Check %SystemRoot%\system32\dns\ for any files which might contain
the offending record.  Some vague notion deep in the dusty reaches of
the back of my mind says there's a thing where MS-DNS will
automatically load/merge records from (some of?) those files even if
it's AD integrated.

 Open the MS DNS MMC GUI.  Enable Advanced features (under View
menu).  Select the offending record and bring up properties.  What's
the time stamp?  Is it something recent or wicked old?  Check the
Security tab.  See if there are any funky permissions that might be
restricting things.

  If you can, try stopping your DHCP server service(s) and then
deleting the record, to see if it comes back without DHCP running.
It's the DHCP service which actually issues the DDNS UPDATE command
for AD clients.

-- Ben



Running a batch file as a service, 2K8 R2

2010-05-26 Thread mb
In  the Windows Server 2003 resource kit, there was a utility named 
autoexnt.exe that allowed you to run a batch file as a service.  We have one 
2K3 server that we need to retire & replace with a 2K8 machine, and I need 
to move this service.  The 2K8 R2 resource kit includes six books, zero 
tools.  It does, however, have a Companion CD, and off that CD's menu 
you'll see Tools.  Included in the Tools menu is Windows Server 2003 
Resource Kit Tools, and that link takes you to a Microsoft webpage listing 
the tools included in the 2K3 RK, and verbiage saying that the supported 
OS's are Server 2K3 & XP, and that these tools are not supported on 64-bit 
platforms.  Not sure what business that has being a link from a 2K8 R2 RK.


An alternative would be to run the script in a disconnected RDP session, but 
that's a little cumbersome and a bit risky.  (the task is fairly simple - 
check a folder every 15 minutes, if there are any files in it, FTP them to a 
destination and then move them to an archive folder)


I've been searching Microsoft's KB, found a link to an executable named 
sc.exe, To remotely create and start a service from the command line, you 
can use the SC tool (Sc.exe) included in the Resource Kit. (It's not 
included in the resource kit, there are no tools in the resource kit... but 
it is included in a standard 2K8 R2 build...)  It appears that this will 
create a service out of an executable, which leaves me to find a way to 
convert a batch to an exe, which I've seen before & can likely find.


Question to the group is - do you know of a way to run a batch file as a 
service on 2K8 R2? 





DNS Cache - Do you ever clean it up?

2010-05-21 Thread mb
Just curious what others here do.  Recently had a minor issue that had me 
looking in our DNS cache for an answer.  When I expanded the .com zone, it 
hit the default max of 10,000 domains to display.  I looked through it a 
bit, and a lot of those zone folders were empty, as TTL's had expired and 
records were long gone.


Our DNS is AD integrated.  I've always been sort of a neat-freak about 
keeping our AD database clean.  I'll go through a couple times a year & run 
a report & remove old, stranded machine accounts, etc.  So noticing all the 
stagnant zone folders in that cache, I thought maybe it'd be good 
housekeeping to go in there & smoke the cache once a year or so.


Anyone ever mess with this? 





Re: DNS Cache - Do you ever clean it up?

2010-05-21 Thread mb
Good point Ben.  That slipped by me.  That cache is not replicated.  So, 
this isn't a matter of AD db housekeeping.  Now it's a less significant 
matter of - do you bother cleaning out cache on your DNS servers, period?


All our DC's are DNS servers, but of the 60+, just two of them are employed 
to service external name lookups.  Those two have a pretty monstrous cache, 
with lots of empty zones.  Is it worth even thinking about, clear that cache 
a time or two per year?  Or just let it build up knowing it has no 
detrimental effect on anything?



--
From: Ben Scott mailvor...@gmail.com
Sent: Friday, May 21, 2010 11:06 AM
To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com
Subject: Re: DNS Cache - Do you ever clean it up?


On Fri, May 21, 2010 at 11:56 AM, mb midphan12...@gmail.com wrote:

Just curious what others here do.  Recently had a minor issue that had me
looking in our DNS cache for an answer.  When I expanded the .com zone, 
it

hit the default max of 10,000 domains to display.  I looked through it a
bit, and a lot of those zone folders were empty, as TTL's had expired and
records were long gone.

Our DNS is AD integrated.


 Microsoft's DNS server doesn't keep cached non-authoritative records
in Active Directory, does it?

-- Ben



Re: Windows 7 con't

2010-05-12 Thread mb
If you're not already, log into the troublesome laptop as local administrator.  
Sometimes in Vista, required admin level access problems are not accurately 
relayed via the dialogue boxes you're seeing.




From: Cameron 
Sent: Wednesday, May 12, 2010 4:06 PM
To: NT System Admin Issues 
Subject: Re: Windows 7 con't


Another strange thing is that both machines do not show up in AD Computer 
list...but if you search for them it finds them...


On Wed, May 12, 2010 at 4:35 PM, John Aldrich jaldr...@blueridgecarpet.com 
wrote:

   Check the firewall? Seriously, I had that problem with the new Vista machine 
we have. I forgot to disable the firewall and it didn’t want to install.







  From: Cameron [mailto:cameron.orl...@gmail.com] 
  Sent: Wednesday, May 12, 2010 4:24 PM
  To: NT System Admin Issues
  Subject: Windows 7 con't



  Good day all,



  Windows 7 (32bit) - two laptops, same make and model.

  Installing Vipre - one no problem, second...denied!

  I cannot map the admin shares on the laptop.



  I setup one machine (the one that works) and a coworker setup the other. I 
have been all through it and can't figure out what the heck is going on. I've 
been searching google for answers and can't find the answer. I'm sure it's 
something really simple. I have added the reg entry as some people have 
suggested and that didn't work.



  Any ideas?

  Cheers,

  Cameron

  who is REALLY starting to dislike Win 7 in a domain



 


 






 


Batch help, please

2008-02-11 Thread mb
I need to let the user input a name, and then pull the first character of that 
name into a variable.  So I get my input like this:

set /p var1=Enter folder name (type 'exit' to leave):
if "%VAR1%" equ "exit" goto :End

And I have a variable named var1 that has a name.  How do I nab the first 
character out of that value?


Thanks in advance.



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm  ~