DNS: Zone <zone name> scavenging server list should not be empty

Updated: October 15, 2010

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Microsoft Baseline Configuration Analyzer or Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the DNS Microsoft Baseline Configuration Analyzer or DNS Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer.

Operating System

Windows Server 2008, Windows Server 2008 R2, Windows Server 2012

Product/Feature

DNS

Severity

Warning

Category

Configuration

Issue

Scavenging is enabled but there are no scavenging servers specified for the zone.

If record aging is enabled for the zone, there must be at least one scavenging server configured with permission to scavenge resource records in the zone.

Impact

DNS records in the zone will not be scavenged.

DNS Records in the zone will not be scavenged even through record aging is enabled. With this configuration, the zone might contain duplicate entries for some resource records.

Resolution

Configure the list of DNS scavenging servers for the zone.

By default, all servers that host a DNS zone can scavenge records in the zone if scavenging is enabled. If the zone is hosted by more than one DNS server, you can limit the number of servers that are allowed to scavenge resource records. This is useful if it is preferable that scavenging only be performed by some servers loading the zone. To configure the list of scavenging servers for a zone, you must set the ZoneResetScavengeServers parameter using the dnscmd command, a command-line based tool for administering Windows DNS servers.

Membership in Administrators, or equivalent, is the minimum required to complete these procedures. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To configure the list of servers that can scavenge the specified zone

  1. Open an elevated command prompt.

  2. Type the following command, and then press ENTER:

    dnscmd [ServerName] /zoneresetscavengeservers ZoneName [ServerIPs]

Parameters

  • ServerName
    Specifies the DNS server the administrator is planning to manage, represented by local computer syntax, IP address, FQDN, or host name. If omitted, the local server is used.
  • ZoneName
    Identifies the zone to scavenge.
  • ServerIPs
    Lists the IP addresses of the servers that can scavenge records in the zone. If this parameter is omitted, then all servers hosting this zone can scavenge it.

Sample Usage

dnscmd dnssvr1.contoso.com /zoneresetscavengeservers test.contoso.com 10.0.0.1 10.0.0.2

See Also

Concepts

Managing Aging and Scavenging