Today we’ll continue preparing or start cleaning up our Active Directory environment to make implementing/running Sms 2003 as smooth as possible. Sms 2003 introduced a bit of Active Directory integration. Not as much as some people hoped, but there is a certain degree of interaction. In other words having your Active Directory environment sanitized can help a long way in managing SMS 2003. Today we are going to start cleaning up the Active Directory environment to make our Sms 2003 discovery process as happy as a fish in the water.
Before we dive into our cleaning process there is something you should know about active directory system discovery. Cathy Moya from the Sms Product documentation team describes it quite well in Cathy’s Fine Faq: http://www.microsoft.com/technet/sms/2003/library/techfaq/default.mspx.
“Active Directory System Discovery will create a DDR for a resource only if it can resolve the name to the IP address by using DNS. If a valid DNS entry does not exist for a computer, SMS does not discover the computer but does create a status message stating there were errors for that computer. You might see these computers referred to as bogus in adsysdis.log.”
We are going to take advantage of this little fact to avoid dead weight in Active Directory from making it into our Sms database. What does dns scavenging do? Well it deletes stale resource records. Ever since Windows 2000 the Windows operating systems have supported a feature called Dynamic DNS. Which means the clients dynamically register themselves in dns. Unfortunately unregistering doesn’t always work that well. (Because of clients leaving the network without shutting down, amongst other things. (Don’t you hate those bad behaving end-users?)).
So by enabling dns scavenging you will delete those stale resource records. Net result: Sms 2003 will no longer discover these resources so they will no longer clog your sms 2003 database, not to mention that they will no longer bring your software distribution success rates down in your reports.
For those of you looking to get started, you enable dns scavenging in the properties of your dns zone. Right-Click the Zone and on the aging tab enable the Scavenge stale resource records option, and while your at it configure the scavenging process to run daily instead of weekly by executing dnscmd /config /scavenginginterval 24.
My next post will be about eliminating those dreaded 5503 status messages in Active Directory user and Active Directory System group discovery.
“Everyone is an expert at something”
Kim Oppalfens – Sms Expert for lack of any other expertise
Windows Server System MVP – SMS