DNS Scavenging – One Minute Explainer

DNS Aging and Scavenging explained in one minute.

DNS aging and scavenging are used to automatically clean up dynamic DNS records after a certain period of time.

DNS aging and scavenging work in concert. You need to configure both!

DNS aging is a zone setting. DNS scavenging is a server setting.

To understand DNS aging and DNS scavenging completely, continue reading.

DNS Aging

To enable automatic cleanup of a DNS zone, you need to configure DNS aging on the zone.

DNS aging is defined by two variables (per zone):

  • The no-refresh interval
  • The refresh interval

DNS clients can’t update their existing DNS record during the no-refresh interval.

DNS servers can’t scavenge (delete) dynamic DNS records until the no-refresh interval plus the refresh interval has expired (default 14 days).

To configure DNS aging, open properties of the DNS zone, select the General tab, click Aging, enable Scavenging, and configure the intervals:

DNS Zone aging configuration.

The use of a no-refresh interval makes good sense:

Since each dynamic DNS update triggers AD replication in AD-integrated DNS, we want to limit this.

DNS Scavenging

Configuring DNS aging on your DNS zones is only half the job.

You must also configure at least one DNS server to perform expired DNS records’ actual deletion (scavenging).

To configure DNS scavenging, open properties of the DNS server, select the Advanced tab, enable scavenging, and set the scavenging period:

DNS server scavenging configuration.

The scavenging period informs the server how often to perform the scavenging (like a scheduled job).

Cut Hours From AD and Office 365 Administration

I hope this article helped you set up an effective DNS cleanup routine.

If you want to become even more efficient, take a look at Easy365Manager.

Easy365Manager is an administration tool that has revolutionized how hundreds of organizations manage hybrid Office 365.

With Easy365Manager, you can manage Office 365 licenses and mailboxes as part of AD user properties.

No more switching between a handful of web consoles and PowerShell.

No more on-premises Exchange Server.

With Easy365Manager, you perform all daily tasks from the comfort of the well-known GUI in AD Users & Computers.

Watch how easy you can decommission a user account in 30 seconds (something that normally would require a handful of tools and minutes):

Easy365Manager gives you GUI access to many semi-complex PowerShell tasks, like calendar permission management and Outlook automapping.

With Easy365Manager, you can move a lot of tasks from third-level support to first-level support.

Download your fully functional 30-day trial today.

It takes less than a minute to install, and no infrastructure changes are needed.

Did you like this post? Maybe your friends will too!