Affected versions: Windows Server 2025

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution - Primary Fix
  7. Solution - Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Active servers intermittently disappear from DNS because scavenging removes records still in use. Applications fail to resolve service endpoints, causing avoidable outages. Manual record recreation becomes a recurring operational burden.

Environment & Reproduction

This usually appears when the no-refresh and refresh intervals are too aggressive relative to DHCP lease duration and client registration cadence. To reproduce, shorten the scavenging windows in a test zone and delay client registration; valid records can then be scavenged.

Get-DnsServerScavenging
Get-DnsServerZoneAging -Name corp.local
Get-DnsServerResourceRecord -ZoneName corp.local -Name app01

Root Cause Analysis

The issue is a mismatch between the DNS aging policy intervals and client refresh behavior. If timestamp updates lag behind the policy windows, records look stale and are deleted. In AD-integrated zones this can affect service discovery broadly.

Quick Triage

Check zone aging settings and whether affected records are static or dynamically registered. Verify client registration cadence and DHCP lease duration. Review DNS audit events around deletion times.

Get-WinEvent -LogName 'DNS Server' -MaxEvents 60
Get-DnsServerResourceRecord -ZoneName corp.local -RRType A | Select HostName,Timestamp -First 20
ipconfig /registerdns
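
A read-only check for the triage step above, added here as an example and not part of the original page: it lists dynamically registered A records that are at or near the scavenging threshold and notes whether each address still answers a ping. `Get-ScavengeRisk` and the `WarnDays` margin are hypothetical names and values; `corp.local` is the page's sample zone.

```powershell
# Added example (not from the original page). Get-ScavengeRisk is a hypothetical name.
# Requires the DnsServer module (on the DNS server itself or via RSAT). Makes no changes.
function Get-ScavengeRisk {
    param(
        [string]$ZoneName = 'corp.local',   # sample zone used on this page
        [double]$WarnDays = 2               # assumed margin for "about to go stale"
    )

    $aging = Get-DnsServerZoneAging -Name $ZoneName
    if (-not $aging.AgingEnabled) {
        Write-Warning "Aging is disabled on $ZoneName; its records are not scavenged."
        return
    }

    # A dynamic record becomes eligible for scavenging once its timestamp is older
    # than the no-refresh interval plus the refresh interval.
    $window = $aging.NoRefreshInterval + $aging.RefreshInterval
    $now    = Get-Date

    Get-DnsServerResourceRecord -ZoneName $ZoneName -RRType A |
        Where-Object { $_.Timestamp } |     # static records carry no timestamp
        ForEach-Object {
            # DNS timestamps have one-hour granularity, so treat the margin as approximate.
            $left = $window - ($now - $_.Timestamp)
            if ($left.TotalDays -le $WarnDays) {
                $ip = $_.RecordData.IPv4Address.ToString()
                [pscustomobject]@{
                    HostName       = $_.HostName
                    IPv4Address    = $ip
                    Timestamp      = $_.Timestamp
                    DaysUntilStale = [math]::Round($left.TotalDays, 1)   # <= 0 means already eligible
                    # Hint only: ICMP may be filtered, or the address may have been reassigned.
                    Responds       = Test-Connection -ComputerName $ip -Count 1 -Quiet
                }
            }
        } |
        Sort-Object DaysUntilStale
}

Get-ScavengeRisk -ZoneName 'corp.local' | Format-Table -AutoSize
```

Rows where `DaysUntilStale` is zero or negative and `Responds` is `True` are the live hosts whose records the next scavenging pass would remove.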

Step-by-Step Diagnosis

Map deleted records to owning systems and registration mechanisms (DHCP, static, direct client). Compare policy values across zones and replicated DNS servers. Validate replication latency for DNS partitions.

dnscmd /enumzones
repadmin /showrepl
Get-DnsServerZoneAging -Name corp.local

Solution - Primary Fix

Adjust no-refresh and refresh intervals to match operational reality, disable scavenging temporarily if deletion is active, and restore critical records. Re-enable controlled scavenging with tested settings. Force dynamic re-registration where needed.

Set-DnsServerScavenging -ScavengingState $true -NoRefreshInterval 7.00:00:00 -RefreshInterval 7.00:00:00
Add-DnsServerResourceRecordA -ZoneName corp.local -Name app01 -IPv4Address 10.10.20.15
ipconfig /registerdns

Solution - Alternative Approaches

Convert critical infrastructure records to static entries to avoid timestamp-based scavenging risk. Use DHCP name protection and secure updates for better ownership control. Segment zones by dynamic vs static endpoint patterns.

Verification & Acceptance Criteria

Acceptance requires restored name resolution for affected hosts, stable records over at least one scavenging cycle, and no unexpected deletions in DNS logs. Monitoring should show consistent registration freshness.

Resolve-DnsName app01.corp.local
Get-DnsServerResourceRecord -ZoneName corp.local -Name app01
Get-WinEvent -LogName 'DNS Server' -MaxEvents 30

Rollback Plan

Roll back by restoring the prior aging/scavenging values if the new settings cause record growth concerns, and maintain manual cleanup temporarily. Keep a backup export of zone data before policy edits. Reassess cadence with the DHCP team.

Prevention & Hardening

Define DNS scavenging standards aligned with DHCP leases and endpoint registration behaviors. Monitor deletion counts and alert on spikes by zone. Protect tier-0 records with static registration and change control.

Related Errors & Cross-Refs

Often accompanied by AD replication lag and client DNS suffix misconfiguration. Netlogon and service discovery failures may appear downstream. Resolve DNS record lifecycle policy before troubleshooting applications.

References & Further Reading

Microsoft DNS aging/scavenging guidance and secure dynamic update documentation should guide final settings. Internal naming and IPAM standards must define ownership and retention expectations.
