Serial Number too high

[treay]

We had a manager make a DNS change and he changed the number way to
high. In BIND, we used to have a way to reset it back. Does anyone know
of a way with W2K DNS that I can get this number back? And, I KNOW
managers should NOT have DNS admin accounts.

Thanks,

 

[Jeff Cochran]

We had a manager make a DNS change and he changed the number way to
high. In BIND, we used to have a way to reset it back. Does anyone know
of a way with W2K DNS that I can get this number back? And, I KNOW
managers should NOT have DNS admin accounts.

Edit the SOA record for the zone. Right click the zone and choose
properties. Change the serial number to anything you wish. If you
can't open the GUI, you can edit the .DNS file directly and stop/start
the service and it should load.

Jeff

 

[Ryan Hanisco]

Sure... that will work... but then the other DNS servers won't see it as a
change and you'll have to change all of them -- manually.

So, what makes you think its too high? Are you running into errors that the
container won't hold he numbers or are you just concerned because it is a
high number. (sorry, some people get worried with little reason.)

 

[Kevin D. Goodknecht Sr. [MVP]]

In

We had a manager make a DNS change and he changed the
number way to high. In BIND, we used to have a way to
reset it back. Does anyone know of a way with W2K DNS
that I can get this number back? And, I KNOW managers
should NOT have DNS admin accounts.

The best way to se the zone serial is by using the RFC recommendation, that
way you can always set the serial to a higher number. For instance the zone
serial today would be 2005032100 tomorrow 2005032200 abd so on. Unless the
serial increments more than 100 a day automatically, you can manually
increase it by 100 a day. It gives you 36,500 possible serials a year and
still be in the range to increase it.

 

[treay]

The reason I want it lowered, I want to conform to the RFC and he
changed the year stamp to 2110. I have tried pausing all the zones in
the forest (26 globally) and changing them manually, but they come back
to the higher number.Very frustrating.

thanks,

 

[Kevin D. Goodknecht Sr. [MVP]]

In

The reason I want it lowered, I want to conform to the
RFC and he changed the year stamp to 2110. I have tried
pausing all the zones in the forest (26 globally) and
changing them manually, but they come back to the higher
number.Very frustrating.

I'm afraid you'll have to reinstall the zone, you cannot go backwards with
the zone serial, you can only go higher and expect it to replicate out.
You might be able to point all DCs to one DNS server then change that zone
to standard primary to remove it from AD. Then change the zone serial and
see if the new serial holds after restarting the DNS service. You may have
to stop the DNS service and manually edit the zone file in the
%systemroot%\system32\dns and %systemroot%\system32\dns\backup directories,
then start the DNS service. Put the zone back in AD and wait for it to
replicate.