Interestingly, the topic of DNS scavenging came up on the MVP alias. Since it appears many client environments still have not yet enabled DNS scavenging, this article is dedicated to why you NEED to enable DNS scavenging. Before it is too late. (dramatic enough? 😉
First, a short story. While employed at a large financial services company as one of their Windows Engineers and lead SCCM architect, we started encountering some strange issues with SCCM remote control. Attempt to remote control a Windows client by NETBIOS name and *another* Windows client would be brought up in the remote control session.
After troubleshooting this issue, we came to the conclusion that there were multiple DNS records for the same NETBIOS name, each with a different IP address! So, it was rather random whether you’d actually remote control to the intended client. Turns out, in 5 years or so that Active Directory was in use, DNS scavenging had NOT been enabled, leading to 1,000’s of invalid, old entries. Implementing DNS Scavenging solved this issue.
What are some of the side effects of DNS with no scavenging? Here are just a few of the possible side effects:
– Remote control fails to reach the intended client
– Client Installation Push method fails to connect to the correct client
– OSD installations – software installations fail
– Client Inventory reporting
– Active Directory discovery issues
How to properly implement? There are a few things you need to know about DNS Scavenging; the first is implementing DNS Scavenging within DNS, then enabling at each DNS zone and the impact of DHCP lease duration.
Some general advice; I’ll usually enable and leave DNS scavenging set to the default 7 days per DNS zone. Since DHCP lease renewals happen approximately half way through the lease period, even a 7 day DHCP lease will typically be OK.
Scavenging should only remove those records that were dynamically registered, not the manually entered A records.
The recommendation would be to take a backup of your DNS environment prior to implementing. And, for the first implementation, starting on an evening or weekend is probably a good idea.
For those clients that get removed from DNS because they are on vacation for 2 weeks, they re-register when they re-connect, and will likely send a new ConfigMgr hw delta at the same time.
Script to locate duplicate DNS entries (thanks Russ):