• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2987
  • Last Modified:

Windows 7 Clients Not Updating DNS records on Server 2003

Problem: Windows 7 clients are not updating their DNS records creating DNS entries for multiple PCs with the same IP. This did not happen on our XP clients and has only started happening since deploy Win 7 clients.

Environment: Win 7/XP clients on Server 2003 DCs (DNS/DHCP), about 80 users

I have found several articles that recommend two things.

1. Updating the DNS tab on TCP/IP settings of the clients to append DNS suffixes and register them with DNS. (I have tried this, but it does not seem to work.)
2. Changing the setting on the DHCP server to "Always dynamically update DNS A and PTR records." - This seems like the silver bullet, but I am hesitant to make this change for fear it might break something. Is this OK to change? From what I understand, Win7 clients need help updating their records and this setting does that...but, will it cause me other issues?

Has anyone else seen this?

Thanks for any help...this is a major obstacle in our Win 7 rollout....
0
Senniger1
Asked:
Senniger1
1 Solution
 
Gareth GudgerCommented:
Yes, it is okay to change that setting. Although is generally for systems that can't update their own records with DNS.

What happens if you run IPCONFIG /REGISTERDNS from a Windows 7 command prompt? Does it ever show up in DNS?

Are your DNS zones Active Directory integrated? If so, are you doing Secure Updates only? Or another setting?

What functional level is your forest and domain at?
0
 
Senniger1Author Commented:
Hello...thanks for replying...

/Registerdns does not make it show up in DNS.

DNS is AD integrated with Dynamic updates set to "Secure Only".

Domain level is 2003.

Note: This is only happening on the Win 7 clients...Win XP DNS records are updating correctly.
0
 
MaheshArchitectCommented:
Setting up DNS suffix will not help

Your dns zone is set to secure dynamic update already

In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab set Always dynamically update DNS A and PTR records, then DHCP server will always update host (A) and PTR records on behalf of clients (More preferable)
OR
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab if have set Dynamically update DNS A and PTR records only if requested by the DHCP clients
In this case if IP lease has changed then client computers will dynamically update DNS records and DHCP server will update PTR records

Also you must set domain service account in DHCP server properties (IPV4 in case of 2008) \ advanced \ credentials tab in order to dynamic update work correctly, otherwise it will fail.
You can create standard domain account with non expiring password for this purpose

Also you must set "Discard A and PTR records when dhcp lease expires" in order to delete expired DHCP leases from DHCP console automatically, otherwise you must delete expired DHCP leases from DHCP console manually.
Note that this will not delete DNS records automatically unless you setup DNS scavenging properly

Also add DHCP servers to DNSUpdateProxy group on domain Controllers

https://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx

To set scavenging properly check:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/

Check below EE articles
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28379478.html
http://www.experts-exchange.com/Networking/Protocols/DHCP/Q_28375413.html

Mahesh
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Senniger1Author Commented:
Mahesh...

If I enable the "Always dynamically update DNS A and PTR records" - Do I have to add the credentials to the properties in DHCP?

All my XP clients are working fine with DNS records...it is just the Windows 7 clients that are not updating. If I toggle this setting on...do I have to do anything else?
0
 
MaheshArchitectCommented:
In any case you have to set credentials in DHCP properties
Because in any case DHCP either need to update Host(a) and PTR OR PTR records and since your DHCP server is running on Domain controller server
Hence its mandatory step
Also ensure that you type account password correctly in credentials, because it will not prompt any warning if you enter wrong password, then account will get locked frequently
0
 
Greg HejlPrincipal ConsultantCommented:
It's time to update to AD/DNS/DHCP to at least 2008 and you should move to 2012.

XP and 2003 are end of life and no longer supported by microsoft.  they announced in 2010 that this would happen in 2014.  it is now 2014.

everything works much better in 2012 version.  things changed with how windows 7 clients interact with domain services.  windows 8 even more so.
0
 
Senniger1Author Commented:
Thank you for your assistance!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now