none
dhcp dns automatic update RRS feed

  • Question

  • hi all

    we have a forest with one domain

    AD, DNS, DHCP on the same DC running on win2012r2

    client machines win7 32 bits professional

    client machines configured with the default dhcp tcp/ip settings; in other words the checkbox on ipv4 called "use this connection dns suffix in dns registration" not checked

    DHCP server configured with the the default settings; in other words the radio button called "always dynamically update dns records" on the DNS tab for each scope not checked;

    DNS forward and reverse zones AD integrated with secure updates only

    question 1:

    with the above settings should we expect that when ip address changes the A record and PTR record reflect the change ?

    question 2:

    if the answer to question 1 is NO, and I presume it's no cause it doesn't work for me, then: I changed the radio button on the scope for my test win7 client to "always dynamically update dns records"; after I deleted the dhcp lease and once the win7 machine rebooted and got another ip, the A record and the PTR record did not reflect the change; is this what's supposed to happen ? if so what is the point of the "always dynamically update dns records" option ?

    question 3:

    with the settings from question 2 still enabled I changed the setting the checkbox on ipv4 called "use this connection dns suffix in dns registration" on my test win7 machine , I've deleted the dhcp reservation and rebooted the machine; the client machine got a new ip and the changes were reflected instantly on the A record and PTR record.  In this scenario of changes coming from question 2 and 3 , which setting is responsible for the success and why can't this result be achieved without changing settings on the client machine ?

    thanks

    Tuesday, October 6, 2015 8:30 PM

Answers

  • Hi Dragos CRC,

    In order to use DHCP server to dynamic update DNS records for clients, we need to check "always dynamically update DNS records" on DHCP scope, check "register this connection's addresses in DNS" on client. Since you have select "secure only", we are suggested to add the DHCP server to group DnsUpdateProxy in AD, or configure a credential for DHCP server to register records for clients. However, since the client is domain member, it seems no necessity to configure the suffix on client which you have mentioned in Q3. 

    Besides, I noticed that you reboot the client to renew the IP address, we may use command "ipconfig/release" & "ipconfig/renew" in CMD to renew IP configurations on client. If you want to do more tests in you lab, this command may be convenience.

    Best Regard,

    Anne He 


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Monday, October 26, 2015 2:27 AM
    Moderator

All replies

  • Hi Dragos CRC,

    According to your description, I guess that the clients are not domain members.

    Clients will register its FQDN with the IP address in DNS server, if the clients are not domain members, and without configuring the suffix, the clients might not register DNS record with its computer name.

    Here are some reference help to understand DNS dynamic update:

    https://technet.microsoft.com/en-us/library/cc771255.aspx

    Best regards,

    Anne he


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Wednesday, October 7, 2015 2:05 AM
    Moderator
  • hi Anne

    the test client machines are domain members

    the dns A record is created automatically without the changes in question 2 and 3.

    there is no PTR record created.

    above, I mentioned what happens once changes in question 2 and 3 are made.

    specifically once changes in question 2 are made, no change.

    when changes are made in question 3, a PTR record appears and the ip address change is reflected immediately

    Wednesday, October 7, 2015 1:48 PM
  • Hi Dragos CRC,

    In order to use DHCP server to dynamic update DNS records for clients, we need to check "always dynamically update DNS records" on DHCP scope, check "register this connection's addresses in DNS" on client. Since you have select "secure only", we are suggested to add the DHCP server to group DnsUpdateProxy in AD, or configure a credential for DHCP server to register records for clients. However, since the client is domain member, it seems no necessity to configure the suffix on client which you have mentioned in Q3. 

    Besides, I noticed that you reboot the client to renew the IP address, we may use command "ipconfig/release" & "ipconfig/renew" in CMD to renew IP configurations on client. If you want to do more tests in you lab, this command may be convenience.

    Best Regard,

    Anne He 


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Monday, October 26, 2015 2:27 AM
    Moderator
  • Hi Dragos CRC,

          Sorry for the inconvenience caused to you.

          I understand you are getting trouble while updating DNS A and PTR records for your PCs.

          The issue you are facing could be caused due to the incorrect settings on DHCP server.

          To fix the issue, you may try the methods given below and check if that helps.

          Reset the properties of your DHCP scopes

          1.Changed the radio button on the scope for your test win7 client to "always dynamically update DNS records" .

          2.Checked "Discard A and PTR  records when lease is deleted" and the next check box "Dynamic update DNS A and PTR....".

          3.Click the configure button, checked "Enable Name Protection".

          4.Restart your DHCP server service.

          5.Reboot your DHCP client and use the ipconfig /release and ipconfig /renew  commands to obtain your IP address.

          6.Check your DNS zone A and PTR records to see whether this method works.

    Do let me know the outcome of the issue for further help.

    Best regards,

    Andy-law

    Tuesday, October 27, 2015 3:13 AM