WesterraCU
asked on
DHCP not registering clients A records in DNS.
Hello,
We have two DNS (server 2008) servers and one DHCP (2008) server. Many of our DHCP clients are getting leases just fine but not being registered to the DNS servers.
Server A - Primary DNS server
Server B - Secondary DNS server and DHCP server
Server B has scope options 006 for DNS servers and 015 for DNS Domain Name.
Reboot doesn't work, repair on the NIC won't register nor will a ipconfig /registerdns.
Now the only way we can get these to register is to enable "Use this connection's DNS suffix in DNS registration" and force DNS register by a repair or ipconfig /registerdns. Now I thought that's what the scope option 015 was for but I must be missing something here.
Please let me know what I'm missing. If nothing and this must be checked how would I go about enabling a GPO for the "Use this connection's DNS suffix in DNS registration" option on the clients?
Thanks,
Brandon
Untitled.jpg
We have two DNS (server 2008) servers and one DHCP (2008) server. Many of our DHCP clients are getting leases just fine but not being registered to the DNS servers.
Server A - Primary DNS server
Server B - Secondary DNS server and DHCP server
Server B has scope options 006 for DNS servers and 015 for DNS Domain Name.
Reboot doesn't work, repair on the NIC won't register nor will a ipconfig /registerdns.
Now the only way we can get these to register is to enable "Use this connection's DNS suffix in DNS registration" and force DNS register by a repair or ipconfig /registerdns. Now I thought that's what the scope option 015 was for but I must be missing something here.
Please let me know what I'm missing. If nothing and this must be checked how would I go about enabling a GPO for the "Use this connection's DNS suffix in DNS registration" option on the clients?
Thanks,
Brandon
Untitled.jpg
Along the lines of authorization, I was trying to remember the credential settings for allowing other DHCP servers to change records, and I found this:
"dns dynamic updates registration credentials was the problem. The registering DHCP server owns the DNS record so the new DHCP servers did not have permision to change it. I created a new user account and made it a member of DnsUpdateProxy group. Then I set the dns dynamic updates registration credentials on both of the new DHCP servers to that user. After that I deleted all the DNS records from the old DHCP server.
To test I released and renewed the IP using IPCONFIG /release and IPCONFIG /renew, after which I saw the entry was added to DNS. So I stopped the DHCP service on the server with that scope then released and renewed the IP. The DNS entry was updated for the new scope. After restarting the DHCP service I'm done."
http://web2.minasi.com/forum/topic.asp?TOPIC_ID=23724
"dns dynamic updates registration credentials was the problem. The registering DHCP server owns the DNS record so the new DHCP servers did not have permision to change it. I created a new user account and made it a member of DnsUpdateProxy group. Then I set the dns dynamic updates registration credentials on both of the new DHCP servers to that user. After that I deleted all the DNS records from the old DHCP server.
To test I released and renewed the IP using IPCONFIG /release and IPCONFIG /renew, after which I saw the entry was added to DNS. So I stopped the DHCP service on the server with that scope then released and renewed the IP. The DNS entry was updated for the new scope. After restarting the DHCP service I'm done."
http://web2.minasi.com/forum/topic.asp?TOPIC_ID=23724
ASKER
I tried removing Option 15 and testing no luck, I then added it back in and tested again but still can't get it to update.
I didn't know you had to authorize a DNS server, I just thought that was a DHCP thing. How do you authorize a DNS server? I'm assuming they are authorized as they both have all the zones and same number of records in our default domain zone.
Another thought it that we change DHCP servers to a central DHCP server a few days ago. Could that have anything to do with this? Maybe the old DHCP server was the only one authorized to update the records?!?
I didn't know you had to authorize a DNS server, I just thought that was a DHCP thing. How do you authorize a DNS server? I'm assuming they are authorized as they both have all the zones and same number of records in our default domain zone.
Another thought it that we change DHCP servers to a central DHCP server a few days ago. Could that have anything to do with this? Maybe the old DHCP server was the only one authorized to update the records?!?
ASKER
So in the point of rxfoster's post how would I go about taking care of this without creating a new user?
We did go to a new DHCP server and I have a feeling that is the issue as it's only that site having these issues. Could I delete the DHCP leases out of the new server, then delete any DNS records in there and when the clients request a new DHCP lease it would register it with the new permission set from the new DHCP server?
Or should I manually change the permissions on the A record itself? (Although not sure how I'd do that)
We did go to a new DHCP server and I have a feeling that is the issue as it's only that site having these issues. Could I delete the DHCP leases out of the new server, then delete any DNS records in there and when the clients request a new DHCP lease it would register it with the new permission set from the new DHCP server?
Or should I manually change the permissions on the A record itself? (Although not sure how I'd do that)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Then, if the attached image is your exact set-up, re-add 015 and then add the suffix in the appropriate box (unless you removed it for security reasons in the image).
Are both DNS servers authorized?