We help IT Professionals succeed at work.

Windows 2003 DHCP DDNS Settings - - Not working

compdigit44
compdigit44 asked
on
Medium Priority
675 Views
Last Modified: 2012-05-06
My DHCP server for my company resides on a Windows 2003 server. I have all XP clients and I'm using AD intergrated zone and have noticed problems where my clients DNS records are not getting updated corrently after the workstation gets a new ip address. If it better to let the client update DNS directlory or have the DHCP server do this. Please see my current DHCP settings below...
dhcp-dns.bmp
Comment
Watch Question

Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
Is your server set to allow only authenticated machine updates?  If this is set to allow only authenticated updates, and the machines are not in a domain environment, this may prevent ddns updates from your workstations.

Author

Commented:
What server do I check this settings on and where would I find it.
Irwin W.There are a 1000 ways to skin the technology cat.
CERTIFIED EXPERT

Commented:
This ie performed on your DNS MMC.  Go to the properties of your domain name in dns

Picture-79.png

Author

Commented:
I just checked my DNS server and its set to NonSecure & Secure updates...

Do you have an other suggestions. Are my DHCP settings for DNS correct that I listed above?
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
Did you configure the DnsUpdateProxy security group ?


http://support.microsoft.com/kb/816592

Author

Commented:
The Microsoft article 816592.. Here is a question right now my DHCP server is set to dynamically update client DNS information (Please see the attached screen shot above) but all of my clients are still configured to dynamically update there DNS information as well could this be part of my problem???

Author

Commented:
Should All of my clients are 2000 & XP based. SHould I enable the GP under \admin templates\Network\\DNS Client\Dynamic Updates to Enabled???
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
"Should All of my clients are 2000 & XP based. SHould I enable the GP under \admin templates\Network\\DNS Client\Dynamic Updates to Enabled???"
 
Yes

Author

Commented:
Do you think that the fact my DHCP server is set to register DNS records for client and the clients are set for this as well is causing problems????????/
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
No, what other settings do you have configured  under under \admin templates\Network\\DNS Client\ ?

Author

Commented:
NOthing !!!!!!!!!!!!!!!!!!
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
You might want to at least configure Dns servers :-) and  update security level(mine is at Unsecure followed by secure - if this option is chosen, computers send secure dynamic updates only when nonsecure dynamic updates are refused.)

gpodns.bmp

Author

Commented:
By default does 2000 / XP try to send secure updates? Also on my DHCP server should I leave the settings to update client A & PTR records for clients selected?
Network Administrator
CERTIFIED EXPERT
Commented:
This should give you better info
 
http://support.microsoft.com/kb/246804 

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Here is a thought that I need some input on...Are my DNS settings correct???
Right now the following settings are setup on my Windows 2000 DNS server & Windows 2003 DHCP server
scavaging = 14 days (set to automatic) (Running WIndows 2000)
DHCP Lease = 7 days

Are these settings correct..
Should I create a GP that will set the TTL value on the client A & PTR records to a shorter time period??? Please adivse??
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
I have scavenging disabled, dhcp lease on 8 days, and TTL not configured

Author

Commented:
Should let me make sure I'm understand everything correct I should do the following..

1) On my DHCP leave the setting for the DHCP to update client A & PTR records for legancy clients
2) What should I make my DHCP leave 8 days vs. 7 days
3) I thought scaving had to be enabled?
4) Should I specify in a GP under DNC-CLient the refresh interval at all???
DonNetwork Administrator
CERTIFIED EXPERT
Commented:
1) yes if you have any legacy clients
2) this is more a preference
3) Using DNS Aging and Scavenging
4) leave as default

Author

Commented:
ONly reaason I mention about the DNS client refresh setting is becuase I have client at remote sites that sometime have issues processing GP's correcntly becuase of DNS. I did not if increaseing the refresh interval would help this or not.
DonNetwork Administrator
CERTIFIED EXPERT

Commented:
this setting will help with gp processing
 
The Always wait for the network at computer startup and logon group policy at Computer Configuration / Administrative Templates / System / Logon set to  enabled.

Commented:
SWOOP!

Commented:
I suggest that you create a reverse lookup zone as the first thread in the link suggests:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cncf_imp_dewg.mspx?mfr=true

Author

Commented:
The setting to "Always wait for the network at computer startup and logon" is already enabled..
What is happening is usering will get a new ip address but there XP firewall's will turn on aftward but as soon as they do a gpupdate / force the firewall turning off again...
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.