Solved

Domain clients not showing in DNS

Posted on 2008-06-23
23
577 Views
Last Modified: 2010-05-18
I have a windows 2003 Domain. My clients used to show up in DNS but recently, no clients are registering their addresses anymore in DNS. The servers are listed in DNS but not the clients. Any help to begin troubleshooting this would be great.

Thank you!
0
Comment
Question by:dsheltzel
  • 11
  • 6
  • 4
  • +1
23 Comments
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847185
Is your DNS active directory integrated?

Are you looking at the DNS zone on the clients primary DNS server?

Try running ipconfig/registerdns from a client, does it appear on the primary DNS server?
0
 

Author Comment

by:dsheltzel
ID: 21847250
Yes
Yes
I tried - the client addresss does not show up in DNS.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847277
How odd.

Can you ping the client by FQDN from the DNS server?

Do you have any errors in the System Event log of either the client of DNS server relating to DNS?
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:dsheltzel
ID: 21847324
I can ping clients just by name without FQDN from the DNS Server, yet they are not listed in DNS. There are no DNS server erros  in the event log either.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847340
How about with FQDN though or by using NSLOOKUP?
0
 

Author Comment

by:dsheltzel
ID: 21847413
no, i cannot ping it via FQDN from the DNS server.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847444
Have you enabled Secure Dynamic Updates on the Zone in question?

If so, try relaxing this setting and running ipconfig /registerdns again - just for troubleshooting purposes.
0
 

Author Comment

by:dsheltzel
ID: 21847462
Do I change it to Nonsecure and Secure or to none for troubleshooting?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847471
Try nonsecure and secure first and if you don't get a result, set it to none for the second pass!
0
 

Author Comment

by:dsheltzel
ID: 21847503
ok they showed up in DNS now when it is set to Nonsecure and Secure. So what does this mean?
0
 

Author Comment

by:dsheltzel
ID: 21847709
So now all of my clients including print servers, WAP's, POC's are all updating in DNS. What would be blocking secure updates? Is there somewhere I should start?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21847755
Take a look at this article - setting up the DHCP Proxy user/group may resolve your issues; particularly read the section labeled "Use the DnsUpdateProxy security group":

http://support.microsoft.com/kb/816592/en-us

0
 

Author Comment

by:dsheltzel
ID: 21847851
One of my DC's is actually running DHCP and it is a member of the server is a member of the DnsUpdateProxy security group.
0
 

Author Comment

by:dsheltzel
ID: 21847972
So If I have the DHCP service run under a service account, what permissions does this account need. I cannot find the answer to this question. The other article I read said that using the proxy group was not secure. Any suggesstions?
0
 

Author Comment

by:dsheltzel
ID: 21848147
ok - interesting news. Under my DHCP options, I had a service account that no longer existed as the credentials for my DNS Update Credentials. I have now created a new service account in AD and used this as the settings here. The question is, what group does this user need to be a member of for this to work successfully?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848184
The account used to start the DHCP service doesn't have anything to do with the DNS dynamic updating procedure.  If you don't use a special DHCP proxy user account, then I believe the updates are done using the machine account itself.  

The article I cited has a procedure in it to make the updates secure using a special DHCP proxy user ID and password.  This is how I have mine set up.  You create the user name and password and then set it in the properties of your DHCP server - in the DHCPmgmt.msc, right-click the "DHCP" object, go to Properties, Advanced tab, Credentials button.
0
 

Author Comment

by:dsheltzel
ID: 21848203
That is how I set it up now. I have created a user and set the credentials in the DHCP properties under the DNS Dynamic update registration credentials. My question is, does this user account need to be a member of any groups? The article I couldnt find if it said it needed to be in any groups in AD.

Thanks!
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848268
It has to be a member of the DNSUpdateProxy group only.
0
 

Accepted Solution

by:
dsheltzel earned 0 total points
ID: 21848310
OK - I have made these changes and now I need to wait it out for a few days to see how it all flows. I will post in a couple days. Thanks for the help guys.
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 21848483
Did you check with netdig.exe utility....?


Regards,
VIjay Kadadi
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 23721894
Split between http:#a21847471 and http:#a21848268

Cheers,

Plod
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 23722874
I agree.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question