Maintenance, its boring, repetitive, and often forgotten. The old adage "If it ain't broke, don't fix it" is followed by too many administrators but preventitive maintenance can help you discover minor problems and allow you to fix them before they snowball into major issues!
There are some simple maintenance tasks that you can perform on a weekly or monthly basis to help you keep things running smoothly. First and foremost is to quickly review the DNS Server event logs on your DNS servers. You can lookup any events at the Events and Errors Message Center. This is something that you can do on a daily basis, it only takes a minute and you can create a custom MMC console with your Event Logs from all your servers for quick and easy reference.
Microsoft has some tools available which you can use to test and verify the operation of your DNS Servers. DNSCmd is a powerful tool that can be used to manage your DNS Servers. It can also be used to gather information.
dnscmd [DnsServerName] /info
DNSCmd is part of the support tools package that is located on the Windows install media in the Support directory. Another more powerful tool to test DNS is DCDiag. DCDiag is a command line application that tests the functionality of DCs in a forest and/or domain. DCDiag can also be used to test the DNS servers in your domain.
dcdiag /s:[servername] /test:DNS
Depending on the size and scope of your test this can take a while. All tests should pass.
One thing that can really screw up your internal DNS resolution is old records. Aging and scavenging can be used to look for stale records and delete them. By default, aging and scavenging is disabled on all DNS servers and any of their zones. Aging and scavenging can be accoplished two ways, through the command line using DNSCmd and automatically in the DNS MMC console. DNSCmd is part of the support tools package that is located on the install media in the Support directory. If you wish to run this manually on a weekly or monthly basis run the following command.
dnscmd [dns server name/ip] /startscavenging
If you are like me, lazy, you'll be happy to know that this can be setup to run automatically on one/some/all your DNS zones. To configure automatic aging and scavenging of stale records on ALL zones begin by opening the DNS MMC; right-click on the DNS server and select Set Aging/Scavenging for all Zones.
In the Aging/Scavenging Properties window, tick the Scavenge Stale Resources checkbox. The default No-refresh and Refresh interval of 7 days can be left as is.
Next tick the box to apply the settings to all AD-integrated zones.
Now to force an aging/scavenging cycle, right-click the server again this time selecting Scavenge Stale Resource Records. You will be promted for confirmation, click OK to proceed.
Once complete you will see an event in the DNS Server event log with the ID 2501.
You can also setup Aging/Scavenging on specific zone(s) to run automatically. From within the DNS MMC, drill down to the zone you wish to age/scavenge and right-click it, select properties. On the General page, click the Aging button. You will be given the same options as shown above but they will only be applied to this particular zone.
For more information see:
Windows 2003 DNS Operations Guide