🟒 Low   ⏱ 5–30 min  Last verified: 29 May 2026
Affected versions: Windows Server 2019

πŸ“– ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution β€” Primary Fix
  7. Solution β€” Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Stale A and PTR records remain and clients intermittently resolve old IP addresses.

Environment & Reproduction

Windows Server 2019 DNS role with mixed static and dynamic records.

Get-DnsServerScavenging
Get-DnsServerZoneAging -Name contoso.local

Root Cause Analysis

Global scavenging or per-zone aging is disabled, or intervals are misconfigured for the workload.

Quick Triage

Verify scavenging state and review recent DNS events.

Get-WinEvent -LogName 'DNS Server' -MaxEvents 40 | Select TimeCreated,Id,Message

Step-by-Step Diagnosis

Inspect record timestamps and dynamic update settings across affected zones.

Get-DnsServerZone -Name contoso.local | Select ZoneName,DynamicUpdate
Get-DnsServerResourceRecord -ZoneName contoso.local -RRType A | Select HostName,Timestamp
Illustrative mockup for windows-server-2019 β€” terminal_or_powershell
DNS scavenging configuration checks β€” Illustrative mockup β€” Progressive Robot

Solution β€” Primary Fix

Enable scavenging globally and enable aging on the affected zone with safe intervals.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

Set-DnsServerScavenging -ScavengingState $true -ApplyOnAllZones -NoRefreshInterval 7.00:00:00 -RefreshInterval 7.00:00:00 -ScavengingInterval 7.00:00:00
Set-DnsServerZoneAging -Name contoso.local -Aging $true
Start-DnsServerScavenging
Illustrative mockup for windows-server-2019 β€” event_or_log_viewer
DNS server events for scavenging β€” Illustrative mockup β€” Progressive Robot

Solution β€” Alternative Approaches

Perform targeted cleanup for known stale hosts before enabling broad scavenging.

Remove-DnsServerResourceRecord -ZoneName contoso.local -RRType A -Name oldhost01 -Force

Verification & Acceptance Criteria

Stale records are reduced without removing active dynamic registrations.

Resolve-DnsName app01.contoso.local
Get-DnsServerResourceRecord -ZoneName contoso.local -RRType A | Measure-Object

Rollback Plan

Restore exported zone data if valid production records were removed.

dnscmd /zoneexport contoso.local contoso.local.bak

Prevention & Hardening

Separate static infrastructure records into dedicated zones and audit dynamic updates.

Set-DnsServerZone -Name contoso.local -DynamicUpdate Secure

Common with DHCP DNS credential misconfiguration and duplicate host records.

Related tutorial: View the step-by-step tutorial for Windows Server 2019.

View all Windows Server 2019 tutorials on the Tutorials Hub β†’

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Microsoft Learn: DNS scavenging design for AD-integrated zones.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today β€” we respond within one business day.