Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company. The URL of the
website is http://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that
the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to
access the website. However, some users who work from home report that they can access
the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct
IP address immediately.
What should you do?
A.
Run dnscmd and specify the CacheLockingPercent parameter.
B.
Run Set-DnsServerGlobalQueryBlockList.
C.
Run ipconfig and specify the Renew parameter.
D.
Run Set-DnsServerCache.
Explanation:
http://technet.microsoft.com/en-us/library/jj649852.aspx
Run Set-DnsServerCache with the -LockingPercent switch. dnscmd technically works also.
checked DNScmd doesn’t have only Set-DNSServerCache
dnscmd /Config /CacheLockingPercent
I think correct is D
If server 2012 R2 http://technet.microsoft.com/en-us/library/jj649852.aspx Applies To: Windows 8.1, Windows PowerShell 4.0, Windows Server 2012 R2
If older servers then: http://technet.microsoft.com/en-us/library/cc772069.aspx
Applies To: Windows 8, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012
The correct answer is A. I have verified it with 6 other VCE files and I also ran this command and researched the content.
Truth be told. the correct answer is actually ipconfig /flushdns. . . . .but thats neither here nor there. . . .
🙂
you are correct, but if you have 500 users you will not consider the ipconfig way, otherwise, you will type the command 500 times or run a script and ask all users to log off or even restart
…….
the answer is D
ACtually running this on the client computers would do nothing if the DNS server has cached the wrong IP addresses
Exactly. The command should be dnscmd /clearcache. I think this question might have been updated. Here there’s a different set of options…
https://www.aiotestking.com/microsoft/what-should-you-do-5879/
Both A and D are correct ways of changing the Cache Locking Percentage. This page (http://technet.microsoft.com/nl-be/library/ee649148%28v=ws.10%29.aspx) dates from 2009 and specifies dnscmd is the preferred way of changing the Cache Locking Value. Set-DnsServerCache probably didn’t exist at that time. As Microsoft is pushing Powershell cmds more and more my bet is on answer D.
ipconfig /flushdns won’t solve this problem. It clears the DNS client cache, not the server cache.
Considering this is for Server 2012R2 I’d go with D.
http://technet.microsoft.com/en-us/library/jj649852.aspx
The reason A is incorrect is because dnscmd is deprecated.
http://strotmann.de/roller/dnsworkshop/entry/dnssec_with_powershell_und_dnscmd
“One automation option is the dnscmd tool. However, dnscmd is deprecated and might be removed from future versions of Windows. The more modern way is to use PowerShell”
tell the correct answer plzzzz????
Hassan, if you read my previous comment you would have seen that D is the correct answer.
option D wasn’t on in my exam. instead, Run dns command and clear cache option was there. Also some other options, am not sure which one was correct.
“A” must be the winner. There is an exam tip on this topic( Exam Ref 70-417: Upgrading Your Skills to MCSA Windows Server 2012 R2 70-417 by J.C. Mackin).
Apparently both A and D are correct, the difference is that for A there is specified a parameter( the cmd is : dnscmd /config /cacheLockingPercent ) and for D there isn’t any and it must be(the cmd is: Set-DNSServerCache -LockingPecent ). I think some of you already noticed.
I had this question on my exam yday….which i failed :(….. and i also went for the PowerShell command even though i wasnt too sure. But as you explained, the option with the DNSCMD is more spcific which makes more desireble. Somebody mentioned DNSCMD is deprecated but it works just fine on Server 2012r2. While both answers are good in their way, the one with the DNSCMD i believe is the winner as it is more specific.
Answer = D
http://technet.microsoft.com/en-us/library/jj649852.aspx
http://technet.microsoft.com/en-us/library/ee683892(v=ws.10).aspx
Get-DNSserverCache
Set-DnsServerCache -LockingPercent 0
Check the output of dnscmd /?
Microsoft recommends transition to powershell commands for managing dns.
I’ll go for D.
See https://technet.microsoft.com/en-us/library/cc772069.aspx?f=255&MSPPError=-2147217396 for ‘dnscmd’ parameters. There is no CacheLockingPercent parameter. The answer is D.
The question isn’t asking you to set the CacheLockingPercent paramenter is it !?!?
If you use dnscmd /clearcache that would resolve the problem if you use set-dnsservercache -lockingpercent 0 that should also fix the issue.
Would you want all your dns records TTL to be disregarded and constantly overwritten ?
This is a tricky one, I think I’d go with D as others have said, powershell is preferable in Win2012.
Correction.
I just re-read the question, it’s definitely D as there’s no option to set cachelocking with DNSCMD
You were right Billy 🙂
Actually would dnscmd /clearcache resolve the issue? The clients would still have the stale address in their local cache until the TTL expired or ipconfig /flushdns was run.
This is why LockingPercent is needed, you need to tell all the clients to clear their cache ASAP. Now im not sure how the clients get the TTL change pushed out to them, I assume the DNS server will do that promptly somehow.
You’re wrong:
Look here : https://technet.microsoft.com/en-us/library/ee649148(v=ws.10).aspx
there is an option : dnscmd /Config /CacheLockingPercent
Applies To: Windows Server 2008 R2
A does not match:
At a command prompt, type the following, and then press ENTER: dnscmd ServerName /clearcache
https://technet.microsoft.com/nl-nl/library/cc779173%28v=ws.10%29.aspx
D does not match:
Either Set-DnsServerCache for modifying cache settings for a DNS server
or Clear-DnsServerCache for clearing resource records from a cache on the DNS server.
https://technet.microsoft.com/en-us/library/jj649852.aspx and https://technet.microsoft.com/en-us/library/jj649893.aspx
On the remark that if one sets the cache to 0% it will result in a kind of clear cache. (something like: instead of pulling the power cord, you might also blow the fuse)
Lots of comments above, some helpful, some not.
Fact 1: Your DNS servers cache external mappings they receive.
Fact 2: The partner company’s cached information on your DNS servers is out of date, because they have changed IPS.
Fact 3: Your internal users can’t resolve the partner name(s) because they use your DNS servers to resolve, however home users typically use an ISP’s DNS servers, and have no trouble resolving.
Resolution:
You need to clear your DNS servers cache. (Not the client resolver cache, it doesn’t present that to DNS clients)
Options as answers:
I like dnscmd.exe, and if it was used with the clearcache switch it would work fine, but the option we have as an answer is about cache poisoning protection, and won’t help with the issue.
Set-DnsServerGlobalQueryBlockList = blocklist management and provides no help for the issue here.
ipconfig /renew = might help an individual client who has lost their dynamic IP settings, but we know that the problem is effecting multiple internal network Users, and what they cannot connect to is the partner company web site.
That leaves Set-DnsServerCache, which if used with a parameter like MaxNegativeTtl, would solve the issue.
Unhelpful.
So many sad, un-researched answers above. If you can’t get your hands on a server or two to practice with, even using free online or trial options freely available. You should not do the exam..
You do have the option LockingPercent that does :
Specifies a percentage of the original Time to Live (TTL) value that caching can consume.
Cache locking is configured as a percent value. For example, if the cache locking value is set to 50, the DNS server does not overwrite a cached entry for half of the duration of the TTL. By default, the cache locking percent value is 100. This value means that the DNS server will not overwrite cached entries for the entire duration of the TTL.
another parameter would be: MaxTtlSpecifies how many seconds (0x0-0xFFFFFFFF) a record is saved in cache. If you use the 0x0 setting, the DNS server does not cache records. The default setting is 0x15180 (86,400 seconds, or one day)
I would go for D… Both A and D do the same thing but D is a newer command and it also is a more powershell looking command
Its A 100% I had the question in my exam and I did The Network section without any mistakes
Jerry thats not right. You can choose only one answer, but not only one answer can be with point to score… A mean there are two good paths to score in this question 😉
Using DNSCmd
DNSCmd allows you to display and change the properties of DNS servers, zones, and resource
records through the use of command-line commands. The DNSCmd utility allows you to
modify, create, and delete resource records and/or zones manually, and it allows you to
force replication between two DNS servers.
Table 2.9 lists some of the DNSCmd commands and their explanations
dnscmd /clearcache Clears the DNS server cache
dnscmd /config Resets DNS server or zone configuration
dnscmd /createdirectorypartition Creates a DNS application directory partition
dnscmd /deletedirectorypartition Deletes a DNS application directory partition
dnscmd /enumrecords Shows the resource records in a zone
D is the answer folks
Official Microsoft Course:
You can configure cache locking with the dnscmd tool by performing the following procedure:
1.      Launch an elevated command prompt.
2.      Run the following command:
dnscmd /Config /CacheLockingPercent
3.      Restart the DNS service to apply the changes.
Alternatively, you can use the Windows PowerShell Set-DnsServerCache –LockingPercent cmdlet to set this value. For example:
Set-DnsServerCache –LockingPercent
F%&^ing Exam Questions!
Even funnier: when you restart the DNS server (as you are required to do to make changes in cache locking effective) the DNS Server cache will be reset in any case, even without changing the cache locking settings!
So, A and D have the same effect, but what actually causes the DNS server to resolve the website name is the DNS restart, even without using A or D first.
I don’t get MS and their questions sometimes:
Wouldn’t Clear-DNSServerCache work the best?
https://technet.microsoft.com/en-us/library/jj649893%28v=wps.620%29.aspx
dnscmd does not have the switch mentioned in the A answer,
however, there is dnscmd /clearcache command, but that one is not presented as an option.
So i will go with a D
shouldn’t the answer be clear-DNSServerCache?
I believe the answer is “D. Run Set-DnsServerCache”. First, you need to get rid of the Cache Locking or you will not be able to clear the cache, so use parameter “-LockingPercent” to set it to 0, then proceed with Clear-DnsServerCache.
Dnscmd can be used too but as mentioned above it will be deprecated.
Cache Locking (default is 100% of TTL): https://technet.microsoft.com/en-us/library/ee683892%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
Both A and D will work only with parameter, but i would choose A because, it specify command with parameter, and D has only command. Command only can’t work with out parameter. so ans : A :