Solved

Domain clients not showing in DNS

Posted on 2008-06-23
23
600 Views
Last Modified: 2010-05-18
I have a windows 2003 Domain. My clients used to show up in DNS but recently, no clients are registering their addresses anymore in DNS. The servers are listed in DNS but not the clients. Any help to begin troubleshooting this would be great.

Thank you!
0
Comment
Question by:dsheltzel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 6
  • 4
  • +1
23 Comments
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847185
Is your DNS active directory integrated?

Are you looking at the DNS zone on the clients primary DNS server?

Try running ipconfig/registerdns from a client, does it appear on the primary DNS server?
0
 

Author Comment

by:dsheltzel
ID: 21847250
Yes
Yes
I tried - the client addresss does not show up in DNS.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847277
How odd.

Can you ping the client by FQDN from the DNS server?

Do you have any errors in the System Event log of either the client of DNS server relating to DNS?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:dsheltzel
ID: 21847324
I can ping clients just by name without FQDN from the DNS Server, yet they are not listed in DNS. There are no DNS server erros  in the event log either.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847340
How about with FQDN though or by using NSLOOKUP?
0
 

Author Comment

by:dsheltzel
ID: 21847413
no, i cannot ping it via FQDN from the DNS server.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847444
Have you enabled Secure Dynamic Updates on the Zone in question?

If so, try relaxing this setting and running ipconfig /registerdns again - just for troubleshooting purposes.
0
 

Author Comment

by:dsheltzel
ID: 21847462
Do I change it to Nonsecure and Secure or to none for troubleshooting?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847471
Try nonsecure and secure first and if you don't get a result, set it to none for the second pass!
0
 

Author Comment

by:dsheltzel
ID: 21847503
ok they showed up in DNS now when it is set to Nonsecure and Secure. So what does this mean?
0
 

Author Comment

by:dsheltzel
ID: 21847709
So now all of my clients including print servers, WAP's, POC's are all updating in DNS. What would be blocking secure updates? Is there somewhere I should start?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21847755
Take a look at this article - setting up the DHCP Proxy user/group may resolve your issues; particularly read the section labeled "Use the DnsUpdateProxy security group":

http://support.microsoft.com/kb/816592/en-us

0
 

Author Comment

by:dsheltzel
ID: 21847851
One of my DC's is actually running DHCP and it is a member of the server is a member of the DnsUpdateProxy security group.
0
 

Author Comment

by:dsheltzel
ID: 21847972
So If I have the DHCP service run under a service account, what permissions does this account need. I cannot find the answer to this question. The other article I read said that using the proxy group was not secure. Any suggesstions?
0
 

Author Comment

by:dsheltzel
ID: 21848147
ok - interesting news. Under my DHCP options, I had a service account that no longer existed as the credentials for my DNS Update Credentials. I have now created a new service account in AD and used this as the settings here. The question is, what group does this user need to be a member of for this to work successfully?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848184
The account used to start the DHCP service doesn't have anything to do with the DNS dynamic updating procedure.  If you don't use a special DHCP proxy user account, then I believe the updates are done using the machine account itself.  

The article I cited has a procedure in it to make the updates secure using a special DHCP proxy user ID and password.  This is how I have mine set up.  You create the user name and password and then set it in the properties of your DHCP server - in the DHCPmgmt.msc, right-click the "DHCP" object, go to Properties, Advanced tab, Credentials button.
0
 

Author Comment

by:dsheltzel
ID: 21848203
That is how I set it up now. I have created a user and set the credentials in the DHCP properties under the DNS Dynamic update registration credentials. My question is, does this user account need to be a member of any groups? The article I couldnt find if it said it needed to be in any groups in AD.

Thanks!
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848268
It has to be a member of the DNSUpdateProxy group only.
0
 

Accepted Solution

by:
dsheltzel earned 0 total points
ID: 21848310
OK - I have made these changes and now I need to wait it out for a few days to see how it all flows. I will post in a couple days. Thanks for the help guys.
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 21848483
Did you check with netdig.exe utility....?


Regards,
VIjay Kadadi
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 23721894
Split between http:#a21847471 and http:#a21848268

Cheers,

Plod
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 23722874
I agree.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question