Solved

Domain clients not showing in DNS

Posted on 2008-06-23
23
545 Views
Last Modified: 2010-05-18
I have a windows 2003 Domain. My clients used to show up in DNS but recently, no clients are registering their addresses anymore in DNS. The servers are listed in DNS but not the clients. Any help to begin troubleshooting this would be great.

Thank you!
0
Comment
Question by:dsheltzel
  • 11
  • 6
  • 4
  • +1
23 Comments
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847185
Is your DNS active directory integrated?

Are you looking at the DNS zone on the clients primary DNS server?

Try running ipconfig/registerdns from a client, does it appear on the primary DNS server?
0
 

Author Comment

by:dsheltzel
ID: 21847250
Yes
Yes
I tried - the client addresss does not show up in DNS.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847277
How odd.

Can you ping the client by FQDN from the DNS server?

Do you have any errors in the System Event log of either the client of DNS server relating to DNS?
0
 

Author Comment

by:dsheltzel
ID: 21847324
I can ping clients just by name without FQDN from the DNS Server, yet they are not listed in DNS. There are no DNS server erros  in the event log either.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847340
How about with FQDN though or by using NSLOOKUP?
0
 

Author Comment

by:dsheltzel
ID: 21847413
no, i cannot ping it via FQDN from the DNS server.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847444
Have you enabled Secure Dynamic Updates on the Zone in question?

If so, try relaxing this setting and running ipconfig /registerdns again - just for troubleshooting purposes.
0
 

Author Comment

by:dsheltzel
ID: 21847462
Do I change it to Nonsecure and Secure or to none for troubleshooting?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 21847471
Try nonsecure and secure first and if you don't get a result, set it to none for the second pass!
0
 

Author Comment

by:dsheltzel
ID: 21847503
ok they showed up in DNS now when it is set to Nonsecure and Secure. So what does this mean?
0
 

Author Comment

by:dsheltzel
ID: 21847709
So now all of my clients including print servers, WAP's, POC's are all updating in DNS. What would be blocking secure updates? Is there somewhere I should start?
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21847755
Take a look at this article - setting up the DHCP Proxy user/group may resolve your issues; particularly read the section labeled "Use the DnsUpdateProxy security group":

http://support.microsoft.com/kb/816592/en-us

0
 

Author Comment

by:dsheltzel
ID: 21847851
One of my DC's is actually running DHCP and it is a member of the server is a member of the DnsUpdateProxy security group.
0
 

Author Comment

by:dsheltzel
ID: 21847972
So If I have the DHCP service run under a service account, what permissions does this account need. I cannot find the answer to this question. The other article I read said that using the proxy group was not secure. Any suggesstions?
0
 

Author Comment

by:dsheltzel
ID: 21848147
ok - interesting news. Under my DHCP options, I had a service account that no longer existed as the credentials for my DNS Update Credentials. I have now created a new service account in AD and used this as the settings here. The question is, what group does this user need to be a member of for this to work successfully?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848184
The account used to start the DHCP service doesn't have anything to do with the DNS dynamic updating procedure.  If you don't use a special DHCP proxy user account, then I believe the updates are done using the machine account itself.  

The article I cited has a procedure in it to make the updates secure using a special DHCP proxy user ID and password.  This is how I have mine set up.  You create the user name and password and then set it in the properties of your DHCP server - in the DHCPmgmt.msc, right-click the "DHCP" object, go to Properties, Advanced tab, Credentials button.
0
 

Author Comment

by:dsheltzel
ID: 21848203
That is how I set it up now. I have created a user and set the credentials in the DHCP properties under the DNS Dynamic update registration credentials. My question is, does this user account need to be a member of any groups? The article I couldnt find if it said it needed to be in any groups in AD.

Thanks!
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21848268
It has to be a member of the DNSUpdateProxy group only.
0
 

Accepted Solution

by:
dsheltzel earned 0 total points
ID: 21848310
OK - I have made these changes and now I need to wait it out for a few days to see how it all flows. I will post in a couple days. Thanks for the help guys.
0
 
LVL 17

Expert Comment

by:kadadi_v
ID: 21848483
Did you check with netdig.exe utility....?


Regards,
VIjay Kadadi
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
ID: 23721894
Split between http:#a21847471 and http:#a21848268

Cheers,

Plod
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 23722874
I agree.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Suggested Solutions

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now