Enable scavenging settings on a DNS server with PowerShell
It is likely that by using the BPA (Best Practices Analyzer) on a new DNS server, you will find the following warning. In this post, I want to show you how to use the Set-DnsServerScavenging cmdlet to correct this warning. Scavenging will help you clean up old unused records in DNS. You can use aging settings to define when the DNS role can remove a stale record.
- No-Refresh interval: The time between the most recent refresh of a record timestamp and the moment when the timestamp may be refreshed again. The default is seven days.
- Refresh interval: The time between the earliest moment when a record timestamp can be refreshed and the earliest moment when the record can be scavenging. The refresh interval must be longer than the maximum record refresh period. By default, this is also seven days.
To enable Scavenging, you must enable it on the:
- The DNS Server
- The DNS Zone
Enable Aging/Scavenging at the DNS Server #
To enable Aging/Scavenging at the DNS Server with PowerShell, use the Set-DnsServerScavenging cmdlet with the following syntax:
Run the PowerShell console as administrator, and then type:
Enable Aging/Scavenging at the Zone. #
To enable Aging/Scavenging at the DNS Server with PowerShell, use the Set-DnsServerZoneAging cmdlet with the following syntax:
Run the PowerShell console as administrator, and then type:
With -ScavengeServers parameter*, _you can specify which server(s) can scavenge records in this zone. If you do not specify any scavenge servers, any primary DNS server that is authoritative for the zone can scavenge.
You can view the settings for your DNS server using the Get-DnsServerScavenging cmdlet.
If you want to know more about the Set-DnsServerScavenging cmdlet, check out this link.