I ran into a problem while I was locking down a Windows DNS server where I would remove the root hints, but they would keep coming back. I first thought it was because of the "root hints" updates that Microsoft releases every so often. In reality, it was because the root entries were listed in the %windir%\system32\dns\cache.dns file. If you comment out those root hints with a semicolon (including the lines that start with a period (.)) and then remove the root hints from your DNS server properties in the DNS Manager MMC snap-in, they should stay away. An example of the cache.dns file after it's been commented out is below.
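One way to script the commenting-out step, as an added example that is not from the original post: the function name `Disable-RootHintRecords` and the sample file are hypothetical, and it assumes each record sits on a single line and the file is plain ASCII. It keeps a `.bak` copy before rewriting the file.

```powershell
# Added example (not the post author's code): prefix every active record in a
# root hints file with ';' so the DNS server no longer reloads it.
function Disable-RootHintRecords {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Default is the path named in the post; run elevated to edit it.
        [string]$Path = "$env:windir\system32\dns\cache.dns"
    )

    $lines = Get-Content -LiteralPath $Path
    $changed = 0
    $out = foreach ($line in $lines) {
        # Blank lines and lines already commented with ';' are left alone.
        if ($line -match '^\s*$' -or $line -match '^\s*;') {
            $line
        } else {
            # Covers the "." NS lines and the host address lines alike.
            $changed++
            ";$line"
        }
    }

    if ($changed -gt 0 -and $PSCmdlet.ShouldProcess($Path, "comment out $changed line(s)")) {
        # Keep a backup so the original hints can be restored.
        Copy-Item -LiteralPath $Path -Destination "$Path.bak" -Force
        Set-Content -LiteralPath $Path -Value $out -Encoding ASCII
    }
    [pscustomobject]@{ Path = $Path; LinesCommented = $changed }
}

# Constructed sample in the zone-file layout cache.dns uses (not the real file).
$sample = Join-Path $env:TEMP 'cache.dns.sample'
@'
; Root hints (constructed sample)
.                       3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.     3600000      A   198.41.0.4
'@ | Set-Content -LiteralPath $sample -Encoding ASCII

Disable-RootHintRecords -Path $sample   # reports 2 lines commented
Get-Content -LiteralPath $sample        # every record now starts with ';'
```

Running it with `-WhatIf` reports how many lines would change without touching the file.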
Showing posts with label DNS. Show all posts
Tuesday, April 30, 2013
Sunday, February 17, 2013
Forceful Demotion of a Dead Domain Controller
If one of your domain controllers dies on you, then you cannot gracefully demote it. So, when this happens, there are a few things that you need to do to remove it from the domain and clean up the mess that this failure created.
The first step is to jump on one of your remaining domain controllers that's running Windows 2003 SP1 or newer.
Labels:
Active Directory,
ADDS,
DC,
demotion,
DNS,
Domain Controllers,
metadata cleanup,
ntdsutil,
remove selected server,
Windows 2003,
Windows 2008,
Windows Server