?
Solved

Getting Macs to Self-Register in DNS

Posted on 2011-05-11
14
Medium Priority
?
929 Views
Last Modified: 2012-05-11
All of my windows hosts on the network seem to self-register in DNS when they grab an address
through DHCP.  But the few folks in the office with Mac of Linux systems do not become known
in DNS.  Is there something in those systems that can be switched on to permit self-registration
in DNS?
0
Comment
Question by:amigan_99
  • 6
  • 4
  • 3
  • +1
14 Comments
 
LVL 32

Expert Comment

by:nappy_d
ID: 35745475
This does not work with Windows DNS unless you allow anonymous dns updates. You will need to disable authentication on your dns servers and then the machines may register.
0
 
LVL 62

Expert Comment

by:gheist
ID: 35746354
you can enable DNS updates from DHCP server.
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35750666
I have often seem this problem with Windows DHCP and Linux clients. DHCP does not forward the name supplied to DNS - Windows clients expect this behaviour and update DNS with their names later, but Linux (and now, it seems, also Macs) do not.
Everything works if you serve DNS / DHCP from a Linux system, as I do at home. I see error messages in the DNS log from Windows clients subsequently trying to do name updates (which are unnecessary because DNS got the name from DHCP).
I have tried to identify what these packets look like, so I can have Linux clients at work send them to the Windows DNS there, but so far without success. That's what the Macs need to do
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
LVL 1

Author Comment

by:amigan_99
ID: 35773610
So I went into DHCP - and Enable Dynamic DNS was checked with option "Dynamically update DNS A and PTR records only if requested by DHCP clients the DHCP client".  I could see my mac user in the DHCP leases "mtruckermac" at 10.10.10.99.  But if I did nslookup for 10.10.10.99 it showed some past Windows PC that used to have the address - mooshilt.  

I changed the check box to "Always dynamically update DNS A and PTR records".  Then I deleted the lease for mrtruckermac and told the mac dude to grab a new address.  He did this by configuring a static IP address and then setting back to DHCP dynamic assignment.  It pulled the same old address as it had before and DHCP again showed mrtruckermac with 10.10.10.99 in lease.  But old mooshilt still had the DNS entry.

Could it be the case that DHCP service has to be restarted?  How can one view the dynamically assigned DNS entries?  If I go into DNS configuration I do not even see entry mooshilt 10.10.10.99.  Secure and nonsecure DNS updates have been permitted all along.  So that is not the issue.
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 35773644
THIS DOES NOT WORK.  You have to change the security of your DNS server to allow anonymous updates.
0
 
LVL 1

Author Comment

by:amigan_99
ID: 35773682
Nappy - where do you do  that exactly?  As you can see in the attached grab - I only see permission to all nonsecure or secure dynamic updates.  I don't see anything regarding "Anonymous".
ScreenHunter-07-May.-16-15.52.gif
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 35773818
Yes by selecting Nonsecure and secure, the Nonsecure are anonymous updates.
0
 
LVL 1

Author Comment

by:amigan_99
ID: 35796020
So I changed a few things in DHCP and DNS but still neither the Macs nor iPads are winding up in DNS. :-(  The names do appear in the DHCP lease table.  e.g. JoeBobsiPad has IP address 10.10.10.72.  But this association is not winding up in DNS.  In properties for the reverse zone for 10.10.10.0 Dynamic Updates is set to "Nonsecure and secure".  And in DHCP properties for the zone - if I go to the DNS tab - "Enable DNS dynamic updates according.." is checked and then "Always dynamically update DNS A and PTR records" is also checked.  But as I say - this is not succeeding in getting the Macs and iPads into DNS.  

There is an empty option at the bottom "Dynamically update DNS A and PTR records for DHCP clients that do not request updates".  But that sounds almost identical to "Always dynamically update DNS A and PTR records".  What is the difference?  What else might I need to do to ID these Macs and iPads etc?
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35797842
The forward (normal) lookups  are A records, the reverse lookups are PTR records. You need to update both of them therefore. I would turn on that empty option.
0
 
LVL 1

Author Comment

by:amigan_99
ID: 35817595
It was no go adding the empty option.  Any other tips on getting these pups to register in DNS?
0
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 35819347
I don't use a GUI interface to configure my DHCP / DNS. The below configs work for me with Windows hosts. I posted them to another Q but haven't heard back if they worked for the asker:
06:45:17$ cat /etc/dhcpd.conf 
option domain-name "mshome.net";
option domain-name-servers 127.0.0.1;
ddns-update-style interim;
ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0
{
  range 192.168.0.5   192.168.0.119;
  range 192.168.0.121 192.168.0.254;
  max-lease-time 2592000;
  default-lease-time 604800;
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.0.255;
  option routers 192.168.0.120;
  option domain-name-servers 192.168.0.120;
}
06:49:17$

Open in new window

Host 192.168.0.120 is the router / DNS / DHCP.
06:45:17$ cat /etc/dhcpd.conf 
option domain-name "mshome.net";
option domain-name-servers 127.0.0.1;
ddns-update-style interim;
ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0
{
  range 192.168.0.5   192.168.0.119;
  range 192.168.0.121 192.168.0.254;
  max-lease-time 2592000;
  default-lease-time 604800;
  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.0.255;
  option routers 192.168.0.120;
  option domain-name-servers 192.168.0.120;
}
06:49:17$ cat /etc/named.conf 
acl "locals" { 10.255.255.0/24; 192.168.0.0/24; 127.0.0.0/8; };
options {
  directory "/var/named";
  forward only;
  forwarders { 198.142.0.51; 203.2.75.132; };
  allow-transfer { none; };
  allow-query { "locals"; };
  allow-recursion { "locals"; };
};

zone "mshome.net" IN {
  type master;
  file "mshome.net";
  forwarders { };
  allow-query { "locals"; };
  allow-transfer { "locals"; };
  allow-update { 192.168.0.120; };
};
zone "0.168.192.in-addr.arpa" IN {
  type master;
  file "ten.emohsm";
  forwarders { };
  allow-query { "locals"; };
  allow-transfer { "locals"; };
  allow-update { 192.168.0.120; };
};
zone "local.net" IN {
  type master;
  file "local.net";
  forwarders { };
  allow-query { "locals"; };
};
zone "255.255.10.in-addr.arpa" IN {
  type master;
  file "ten.lacol";
  forwarders { };
  allow-query { "locals"; };
};
06:52:16$

Open in new window

0
 
LVL 1

Author Comment

by:amigan_99
ID: 35863037
Duncan - our DNS server is Windows based.  How can I apply this?  Thanks.
0
 
LVL 35

Accepted Solution

by:
Duncan Roe earned 1500 total points
ID: 35865175
Seriously, I have suggested at work that DHCP and DNS services should be offloaded from the Windows server onto a Linux server, to fix exactly the problem you have, at last for the Linux systems. It seems from another Q that it may not work for Macs.
I'll keep looking for the message I mentioned in http:#35750666
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 35880834
Thanks Duncan.  At least that helps to know it appears to be a known issue with Windoze DNS/DHCP.  Thanks.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The /etc/authorization file in Mac OS X 10.x can be used to control access to the various panes of the System Preferences amongst other things. It’s used by some of us Mac Sys Admin’s to give Standard Users access to System Prefs panes that only adm…
This article outlines the struggles that Macs encounter in Windows-dominated workplace environments – and what Mac users can do to improve their network connectivity and remain productive.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question