Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 934
  • Last Modified:

DNS A Records not updating

I have a DNS server running AD Integrated in a Win2k3 Native Environment

My DHCP Server is set to update DNS and PTR records always.

I have 50 machines on one VLAN that just changed VLAN's a couple days ago.

Now all 50 machines are not pingable by host name. Instead it returns the old IP Address. Registering the machines does no good obviously because the host records still exist and you can't have two machines with the same name in DNS even though the IP has changed.

It's not profesional to wait 7 days for the records to scavenge obviously when all 50 machines are not pingable by host. They actually have to get to their file servers which is on their VLAN as well but I'm not sure if this can cause other issues like Group Policy and stuff that requires the DC to push down infnormation.

Can anyone explain this phenomina and show me how to correct it so next time I don't have to manually delete all 50 freakin records? I mean I'm lucky it was only 50. If I knew how the problem was created I can prevent it from happening next time we do VLAN changes or fix oter isolated incidents which seemto creep up now and then...

Thanks a ton everyone
0
snyderkv
Asked:
snyderkv
1 Solution
 
RowleyCommented:
http://technet.microsoft.com/en-us/library/cc757041.aspxhttp://technet.microsoft.com/en-us/library/cc757041.aspx

Alter your refresh and scavenge times as part of the migration as well as ensuring that all clients run ipconfig /registerdns after you're done. If you'd have planned top do both of these as part of the migration, you might have saved yourself a headache.
0
 
Chris DentPowerShell DeveloperCommented:

Hey,

In an ideal world the Aging intervals should be set to work with your DHCP Lease time.

That way if a record does fail to overwrite it won't matter because the record will be scavenged at the same time as the new lease is granted.

Typically these kind of issues occur when permissions to write to the records have changed. For instance, if you moved the DHCP service, or changed the credentials it uses (or changed from DHCP updating to clients updating).

If you use multiple DHCP servers then you should ensure they work with the same credentials.

Chris
0
 
Henrik JohanssonSystems engineerCommented:
Dynamic updates will only update dynamic records and not static records.
In DNS-manager: Click View|Advanced. Open the DNS-records and tick the checkbox "Delete this record when it becomes stale" to mark the record as dynamic.

To do a manual scavenge: Right-click on DNS-server in DNS-manager and choose 'Scavenge Stale Resource Records'
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
cyberseanCommented:
Next time, you should be able to reload the dns zone simply by right-clicking on it and select Reload.
0
 
snyderkvAuthor Commented:
But reloading the zone I thought was used only if you want Cached ifo to sync with the zone file. Replication is not an issue here.

The record is stale, but we don't want to wait 7 days.

We cannot manually scavenge all records because I thought that creates lots of DNS replication traffic?

It's not a permissions issue . It's ust I can't get a cmputer to registerdns because it's old record is taking it's place. Or maybe that is permissions. I don't know. ???

I will check permissions out within the hour

0
 
snyderkvAuthor Commented:
FIXED!

Turns out it was a permissios issue like Chris suggested.

I gave permissions to myself for the A record and did another ipconfig /registerdns and it updated theA record to the crrect IP Address. I was told that to prevent this I could stop letting DHCP dynamically update the records and let the clients do it on their own.

Sorry for not spliting points but Chrise's answer made me look into permissions which fixed the issue. If anybody contests it let me know and I will split the points.
0
 
Chris DentPowerShell DeveloperCommented:

> I was told that to prevent this I could stop letting DHCP dynamically
> update the records and let the clients do it on their own.

That will work well enough. Once clients have permission on the record they will update it themselves no matter where they log on (well, as long as they're connected of course).

If DHCP is updating, and there are multiple (or changing) DHCP servers it is best to configure each to use the same credentials when registering records. There's also the DNSUpdateProxy group that can be used to simplify permissions set on created records.

Chris
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now