Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 638
  • Last Modified:

Windows 2003 DHCP DDNS Settings - - Not working

My DHCP server for my company resides on a Windows 2003 server. I have all XP clients and I'm using AD intergrated zone and have noticed problems where my clients DNS records are not getting updated corrently after the workstation gets a new ip address. If it better to let the client update DNS directlory or have the DHCP server do this. Please see my current DHCP settings below...
dhcp-dns.bmp
0
compdigit44
Asked:
compdigit44
  • 11
  • 8
  • 3
  • +1
2 Solutions
 
nappy_dCommented:
Is your server set to allow only authenticated machine updates?  If this is set to allow only authenticated updates, and the machines are not in a domain environment, this may prevent ddns updates from your workstations.
0
 
compdigit44Author Commented:
What server do I check this settings on and where would I find it.
0
 
nappy_dCommented:
This ie performed on your DNS MMC.  Go to the properties of your domain name in dns

Picture-79.png
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
compdigit44Author Commented:
I just checked my DNS server and its set to NonSecure & Secure updates...

Do you have an other suggestions. Are my DHCP settings for DNS correct that I listed above?
0
 
Donald StewartNetwork AdministratorCommented:
Did you configure the DnsUpdateProxy security group ?


http://support.microsoft.com/kb/816592
0
 
compdigit44Author Commented:
The Microsoft article 816592.. Here is a question right now my DHCP server is set to dynamically update client DNS information (Please see the attached screen shot above) but all of my clients are still configured to dynamically update there DNS information as well could this be part of my problem???
0
 
compdigit44Author Commented:
Should All of my clients are 2000 & XP based. SHould I enable the GP under \admin templates\Network\\DNS Client\Dynamic Updates to Enabled???
0
 
Donald StewartNetwork AdministratorCommented:
"Should All of my clients are 2000 & XP based. SHould I enable the GP under \admin templates\Network\\DNS Client\Dynamic Updates to Enabled???"
 
Yes
0
 
compdigit44Author Commented:
Do you think that the fact my DHCP server is set to register DNS records for client and the clients are set for this as well is causing problems????????/
0
 
Donald StewartNetwork AdministratorCommented:
No, what other settings do you have configured  under under \admin templates\Network\\DNS Client\ ?
0
 
compdigit44Author Commented:
NOthing !!!!!!!!!!!!!!!!!!
0
 
Donald StewartNetwork AdministratorCommented:
You might want to at least configure Dns servers :-) and  update security level(mine is at Unsecure followed by secure - if this option is chosen, computers send secure dynamic updates only when nonsecure dynamic updates are refused.)

gpodns.bmp
0
 
compdigit44Author Commented:
By default does 2000 / XP try to send secure updates? Also on my DHCP server should I leave the settings to update client A & PTR records for clients selected?
0
 
Donald StewartNetwork AdministratorCommented:
This should give you better info
 
http://support.microsoft.com/kb/246804 
0
 
compdigit44Author Commented:
Here is a thought that I need some input on...Are my DNS settings correct???
Right now the following settings are setup on my Windows 2000 DNS server & Windows 2003 DHCP server
scavaging = 14 days (set to automatic) (Running WIndows 2000)
DHCP Lease = 7 days

Are these settings correct..
Should I create a GP that will set the TTL value on the client A & PTR records to a shorter time period??? Please adivse??
0
 
Donald StewartNetwork AdministratorCommented:
I have scavenging disabled, dhcp lease on 8 days, and TTL not configured
0
 
compdigit44Author Commented:
Should let me make sure I'm understand everything correct I should do the following..

1) On my DHCP leave the setting for the DHCP to update client A & PTR records for legancy clients
2) What should I make my DHCP leave 8 days vs. 7 days
3) I thought scaving had to be enabled?
4) Should I specify in a GP under DNC-CLient the refresh interval at all???
0
 
Donald StewartNetwork AdministratorCommented:
1) yes if you have any legacy clients
2) this is more a preference
3) Using DNS Aging and Scavenging
4) leave as default
0
 
compdigit44Author Commented:
ONly reaason I mention about the DNS client refresh setting is becuase I have client at remote sites that sometime have issues processing GP's correcntly becuase of DNS. I did not if increaseing the refresh interval would help this or not.
0
 
Donald StewartNetwork AdministratorCommented:
this setting will help with gp processing
 
The Always wait for the network at computer startup and logon group policy at Computer Configuration / Administrative Templates / System / Logon set to  enabled.
0
 
MightySWCommented:
0
 
MightySWCommented:
SWOOP!
0
 
MightySWCommented:
I suggest that you create a reverse lookup zone as the first thread in the link suggests:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/cnet/cncf_imp_dewg.mspx?mfr=true
0
 
compdigit44Author Commented:
The setting to "Always wait for the network at computer startup and logon" is already enabled..
What is happening is usering will get a new ip address but there XP firewall's will turn on aftward but as soon as they do a gpupdate / force the firewall turning off again...
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 11
  • 8
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now