Solved

DNS reverse lookup records aren't getting updated from the DHCP server

Posted on 2006-11-02
10
551 Views
Last Modified: 2012-08-14
We recently moved the DHCP server from an older Win 2000 box to a Win 2003 server.  The move seemed to go fine and DHCP itself is working but think i may have missed something related to DNS.  The DNS reverse lookup records do not seem to be being updated by the new DHCP server.  When i checked DNS for a specific workstation and then connect to it remotely by both the listed pc name and IP I ended up at two different machines.   I went into the DNSmgmt window in Admin tools, and it had at least half a dozen computers with that same IP listed.  There was another computer on there that had 15-20 PTR files with different IPs listed.  Any help with this would be greatly appreciated!
0
Comment
Question by:KCATA
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 19

Expert Comment

by:feptias
ID: 17858315
There are some settings within the Properties page of the DHCP server that set the way the DHCP server will interact with the DNS server. Is the DNS server running on Windows 2003 or on an older machine?

Open the DHCP Management Console on the server, then right click on the node that has the name of your server and select Properties. Now look at the settings in the DNS tab. Try ticking the option "Discard A and PTR records when lease is deleted". You may also find it useful to enable scavenging in the DNS server - this will remove stale DNS records after a set period of time. You may have to manually delete some of the stale DNS records at first just to get things tidy. After that the automated processes should keep it clean. If you want more details about scavenging, just say.
0
 
LVL 2

Author Comment

by:KCATA
ID: 17858374
Thanks, looks like the "Discard A and PTR records when lease is deleted" was already checked on the DHCP server.  Can you give me more details on Scavenging?  The DNS server is running on a Windows 2000 machine at present, though it too will be updated to 2003 in the near future.  Did do the manual clean-up this morning but not sure if the problem will reappear over time yet or not.
0
 
LVL 38

Assisted Solution

by:Shift-3
Shift-3 earned 350 total points
ID: 17858389
If you have dynamic updates set to "Only secure updates" then the new DHCP server will not have permission to modify DNS records created by the old server.  You have a few choices to fix this problem.

A. Manually delete all the records created by the old server.

B. Temporarily change the dynamic updates setting on the forward and reverse zones from "Only secure updates" to "Yes".

C. Add the new DHCP server to the DnsUpdateProxy security group.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 2

Author Comment

by:KCATA
ID: 17858430
Ah, "Only Secure Updates" is set.  Since I did the manual cleanup this morning, will i still need to set that to "yes" for the future or should it update normally from this point forward?
0
 
LVL 10

Expert Comment

by:SeanUK777
ID: 17858679
delete your reverse DNS zone, and then recreate it..
0
 
LVL 10

Expert Comment

by:SeanUK777
ID: 17858683
also run ipconfig /flushdns on the DNS box..
0
 
LVL 19

Accepted Solution

by:
feptias earned 150 total points
ID: 17858687
Here is a link to a reasonable description of DNS scavenging:
http://www.myitforum.com/articles/16/view.asp?id=6287

There may be differences between the DNS server in Windows 2000 is to the one in Windows 2003 (sorry, I only really know 2003). Scavenging settings on 2003 require that you enable it for the server as a whole and also it can be enabled/disabled for each DNS zone.
0
 
LVL 19

Expert Comment

by:feptias
ID: 17858844
Also this earlier question, now PAQ'd, contains a lot of detail about scavenging and DDNS:
http://www.experts-exchange.com/Networking/Microsoft_Network/Q_22023097.html
0
 
LVL 38

Expert Comment

by:Shift-3
ID: 17859359
It should update normally from now on, assuming there are no other issues.
0
 
LVL 2

Author Comment

by:KCATA
ID: 17860644
Thanks for all the help.  Think Shift-3 ultimately had the solution in this case, but appreciate the advice on scavenging from feptias as well.  Will split up the points a bit, but thank you both again.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question