2008 Dhcp server log errors

Posted on 2010-01-11
Medium Priority
Last Modified: 2012-05-08
Looking for resolution for the following error messages I am getting in dhcp  server logs..I think it is PTR ownership issue... Don't know how to get resolution to it.

31,01/10/10,14:25:05,DNS Update Failed,1xx.xx.xxx.23,  WXPusr.pcdmain1.com,,,0,6,,,
31,,01/10/10,14:25:09,DNS Update Failed,1xx.xx.xxx.24,W7user.pcdomain1.com,,,0,6,,,
31,,01/10/10,14:27:05,DNS Update Failed,1xx.xx.xxx.25,W7user2.pcdomain1.com,,,0,6

I switched dhcp servers from windws 2003 to 2008 . Exported the scopes along with leases to 2008 dhcp servers. deactivated/Disabled 2003 dhcp servers and activated successfullly 2008 dhcp servers
I am using the following...
1)DHCP server is a member server, not a domain controller
2) Service account with domain access ,provided account credentails in DHCP servers for updating dns
3)2008 dhcp servers and service account are members of dnsupdateproxy group
4)The service account was added in the secuirty tab on the DNS server(s) properties
5)Reverse lookup exists for all the subnets

The leases are renewed but  DNS is not getting updated, and generating the above error
Does the error goes away automatically once the PTR ownership issue gets resolved?.
Question by:lbeach94
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Assisted Solution

Vinamilk1001 earned 200 total points
ID: 26292654

As i see your parameters , i have theses opinions :
point 3) There are no need to put 2008 DHCP server on the dnsupdateproxy if the account service is already member of this group
point 4) The service account not need to be on DNS server(s) properties , better is to let the default rights .
these part are sensible
point 5) check the DNS tab of your scope properties that DHCP update DNS record (A and PTR ) on client request.
And finally , test your update process .  Delete one host record on your DNS server , and on the computer client type an Ipconfig /registerdns
check if your record have been correctly created.
If the record is created , check your dns zone properties , notice that the Norefresh intervall have not to be greater than DHCP lease time.
LVL 71

Accepted Solution

Chris Dent earned 1800 total points
ID: 26296033

> 2) Service account with domain access ,provided account credentails in
> DHCP servers for updating dns

Under the credentials tab? Is the the same account as was used with 2003?

> 3)2008 dhcp servers and service account are members of dnsupdateproxy group

This will not help unless the 2003 server was also a member of that group. And besides, if you used credentials as above it does no good anyway.

Either way, I advise you remove the server from that group. Records are written with no security while in that group.

> 4)The service account was added in the secuirty tab on the DNS server(s) properties

Granting it permission over existing records? Have you verified that the right has been assigned to records within the zone?


Author Comment

ID: 26297916
Hi Chris,

We never used credentials on 2003 dhcp servers, as those servers were  DC,DNS & DHCP all were running on it. Now we have separated the dhcp server as a member server , therefore we using the credentials for the 1st time. Does the service account should have domain access ..?. It has domain access, but want to confirm.
To answer your question, I  don't see the rights for the service account on the PTR records, even for the PTR records which were successful updates
But  I noticed alot DNS updates were successful in dhcp logs last nigth around 11:30 PM , usually after lease cleanup, plus we have dns scalvaning enabled also on dns servers. Does this issue correct it self after few cycles ? or there is a another solution to it

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

LVL 71

Expert Comment

by:Chris Dent
ID: 26297956

It will correct itself if you have Scavenging running. Records that cannot be updated will be Scavenged, then the records will register correctly.

There are other solutions of course, but scavenging is good enough if you can afford to be patient.


Author Comment

ID: 26298227
Hi Chris,

Thanks for the quick response. Does the service account should have domain admin access , or it should be a member of built-in dnsAdmin group.
LVL 71

Expert Comment

by:Chris Dent
ID: 26298273

Neither, just a regular user if you've set it in the Credentials option. If you set it up to run the service itself (Services console) it would be a bit different, but that's a change I would advise undoing.


Author Comment

ID: 26298616
Chris, thanks for the response , i will re remove this service account from domain admin/dnsadmin groups..and see how it goes... thanks . Will update back

Author Closing Comment

ID: 31675780
Excellent solution and comments provided

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question