Windows Server DNS Scavenging Failure

On Windows Servers with the DNS role installed, automatic scavenging can be configured to clean up stale endpoint records that are registered in a zone. Scavenging can still fail, even when the server and zone have been set up properly. The popular link at the end of this post (reference 1) covers the three places that must be configured within DNS for scavenging to work.

Two things are important to understand in this post: 1) scavenging takes time, and 2) the problem I am discussing must be fixed using the command-line utility “dnscmd”.

Open “cmd.exe” as admin on the server configured to run scavenging and run the following command:

dnscmd /zoneinfo <dnszone.com>

Look for the IP address, which should be near the bottom of the output. It should be the address of the server that you have configured to run the scavenging process. In my case, the address displayed was that of the old server that no longer exists in the domain. So we need to change it to the proper scavenging server’s IP address. The second reference below provides this example to change the IP address:

dnscmd /zoneresetscavengeservers <dnszone.com> <Ip of the current DNS Server>
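
To run the same check across every primary zone on the server, the following added example (not part of the original post) reads each zone's aging settings with the DnsServer module cmdlets Get-DnsServerZone and Get-DnsServerZoneAging and prints the dnscmd command shown above for any zone whose scavenge server list does not contain the expected address. The address 192.0.2.10 is a placeholder assumption; the script changes nothing.

```powershell
# Added example: read-only audit of scavenge server settings per zone.
# Run in an elevated PowerShell session on the DNS server.
param(
    # Assumption: IP of the server that should run scavenging (placeholder).
    [string]$ExpectedScavengeServer = '192.0.2.10'
)

Import-Module DnsServer

# Aging settings only apply to primary zones; skip auto-created ones.
$zones = Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

$report = foreach ($zone in $zones) {
    $aging = Get-DnsServerZoneAging -Name $zone.ZoneName -ErrorAction SilentlyContinue
    if (-not $aging) { continue }   # zone exposes no aging settings

    # Normalise the list to strings and drop empty entries.
    $servers = @($aging.ScavengeServers |
        Where-Object { $_ } | ForEach-Object { "$_" })

    if (-not $aging.AgingEnabled) {
        $status = 'AgingDisabled'
    } elseif ($servers.Count -eq 0) {
        $status = 'NoServerListed'
    } elseif ($servers -contains $ExpectedScavengeServer) {
        $status = 'OK'
    } else {
        $status = 'StaleServer'     # the failure described in this post
    }

    [pscustomobject]@{
        Zone            = $zone.ZoneName
        Status          = $status
        ScavengeServers = $servers -join ', '
        # Command from the post; printed for review, not executed.
        Fix             = if ($status -eq 'StaleServer') {
            "dnscmd /zoneresetscavengeservers $($zone.ZoneName) $ExpectedScavengeServer"
        } else { '' }
    }
}

$report | Format-Table -AutoSize -Wrap
```

After running a printed dnscmd command, re-run the script to confirm the zone reports OK.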

References:

  1. https://sysadminray.wordpress.com/2012/09/29/dont-be-afraid-of-dns-scavenging-just-be-patient/
  2. https://support.microsoft.com/en-us/help/2791165/dns-scavening-records-are-not-deleted-if-scavenging-manually-disabled