Senniger1
asked on
Windows 7 Clients Not Updating DNS records on Server 2003
Problem: Windows 7 clients are not updating their DNS records creating DNS entries for multiple PCs with the same IP. This did not happen on our XP clients and has only started happening since deploy Win 7 clients.
Environment: Win 7/XP clients on Server 2003 DCs (DNS/DHCP), about 80 users
I have found several articles that recommend two things.
1. Updating the DNS tab on TCP/IP settings of the clients to append DNS suffixes and register them with DNS. (I have tried this, but it does not seem to work.)
2. Changing the setting on the DHCP server to "Always dynamically update DNS A and PTR records." - This seems like the silver bullet, but I am hesitant to make this change for fear it might break something. Is this OK to change? From what I understand, Win7 clients need help updating their records and this setting does that...but, will it cause me other issues?
Has anyone else seen this?
Thanks for any help...this is a major obstacle in our Win 7 rollout....
Environment: Win 7/XP clients on Server 2003 DCs (DNS/DHCP), about 80 users
I have found several articles that recommend two things.
1. Updating the DNS tab on TCP/IP settings of the clients to append DNS suffixes and register them with DNS. (I have tried this, but it does not seem to work.)
2. Changing the setting on the DHCP server to "Always dynamically update DNS A and PTR records." - This seems like the silver bullet, but I am hesitant to make this change for fear it might break something. Is this OK to change? From what I understand, Win7 clients need help updating their records and this setting does that...but, will it cause me other issues?
Has anyone else seen this?
Thanks for any help...this is a major obstacle in our Win 7 rollout....
ASKER
Hello...thanks for replying...
/Registerdns does not make it show up in DNS.
DNS is AD integrated with Dynamic updates set to "Secure Only".
Domain level is 2003.
Note: This is only happening on the Win 7 clients...Win XP DNS records are updating correctly.
/Registerdns does not make it show up in DNS.
DNS is AD integrated with Dynamic updates set to "Secure Only".
Domain level is 2003.
Note: This is only happening on the Win 7 clients...Win XP DNS records are updating correctly.
Setting up DNS suffix will not help
Your dns zone is set to secure dynamic update already
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab set Always dynamically update DNS A and PTR records, then DHCP server will always update host (A) and PTR records on behalf of clients (More preferable)
OR
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab if have set Dynamically update DNS A and PTR records only if requested by the DHCP clients
In this case if IP lease has changed then client computers will dynamically update DNS records and DHCP server will update PTR records
Also you must set domain service account in DHCP server properties (IPV4 in case of 2008) \ advanced \ credentials tab in order to dynamic update work correctly, otherwise it will fail.
You can create standard domain account with non expiring password for this purpose
Also you must set "Discard A and PTR records when dhcp lease expires" in order to delete expired DHCP leases from DHCP console automatically, otherwise you must delete expired DHCP leases from DHCP console manually.
Note that this will not delete DNS records automatically unless you setup DNS scavenging properly
Also add DHCP servers to DNSUpdateProxy group on domain Controllers
https://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx
To set scavenging properly check:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/
Check below EE articles
https://www.experts-exchange.com/questions/28379478/Client-computers-in-a-domain-won't-dynamically-update-their-A-records.html
https://www.experts-exchange.com/questions/28375413/DHCP-lease.html
Mahesh
Your dns zone is set to secure dynamic update already
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab set Always dynamically update DNS A and PTR records, then DHCP server will always update host (A) and PTR records on behalf of clients (More preferable)
OR
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab if have set Dynamically update DNS A and PTR records only if requested by the DHCP clients
In this case if IP lease has changed then client computers will dynamically update DNS records and DHCP server will update PTR records
Also you must set domain service account in DHCP server properties (IPV4 in case of 2008) \ advanced \ credentials tab in order to dynamic update work correctly, otherwise it will fail.
You can create standard domain account with non expiring password for this purpose
Also you must set "Discard A and PTR records when dhcp lease expires" in order to delete expired DHCP leases from DHCP console automatically, otherwise you must delete expired DHCP leases from DHCP console manually.
Note that this will not delete DNS records automatically unless you setup DNS scavenging properly
Also add DHCP servers to DNSUpdateProxy group on domain Controllers
https://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx
To set scavenging properly check:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/
Check below EE articles
https://www.experts-exchange.com/questions/28379478/Client-computers-in-a-domain-won't-dynamically-update-their-A-records.html
https://www.experts-exchange.com/questions/28375413/DHCP-lease.html
Mahesh
ASKER
Mahesh...
If I enable the "Always dynamically update DNS A and PTR records" - Do I have to add the credentials to the properties in DHCP?
All my XP clients are working fine with DNS records...it is just the Windows 7 clients that are not updating. If I toggle this setting on...do I have to do anything else?
If I enable the "Always dynamically update DNS A and PTR records" - Do I have to add the credentials to the properties in DHCP?
All my XP clients are working fine with DNS records...it is just the Windows 7 clients that are not updating. If I toggle this setting on...do I have to do anything else?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It's time to update to AD/DNS/DHCP to at least 2008 and you should move to 2012.
XP and 2003 are end of life and no longer supported by microsoft. they announced in 2010 that this would happen in 2014. it is now 2014.
everything works much better in 2012 version. things changed with how windows 7 clients interact with domain services. windows 8 even more so.
XP and 2003 are end of life and no longer supported by microsoft. they announced in 2010 that this would happen in 2014. it is now 2014.
everything works much better in 2012 version. things changed with how windows 7 clients interact with domain services. windows 8 even more so.
ASKER
Thank you for your assistance!
What happens if you run IPCONFIG /REGISTERDNS from a Windows 7 command prompt? Does it ever show up in DNS?
Are your DNS zones Active Directory integrated? If so, are you doing Secure Updates only? Or another setting?
What functional level is your forest and domain at?