Solved

Windows 7 Clients Not Updating DNS records on Server 2003

Posted on 2014-03-21
7
2,751 Views
Last Modified: 2014-05-09
Problem: Windows 7 clients are not updating their DNS records creating DNS entries for multiple PCs with the same IP. This did not happen on our XP clients and has only started happening since deploy Win 7 clients.

Environment: Win 7/XP clients on Server 2003 DCs (DNS/DHCP), about 80 users

I have found several articles that recommend two things.

1. Updating the DNS tab on TCP/IP settings of the clients to append DNS suffixes and register them with DNS. (I have tried this, but it does not seem to work.)
2. Changing the setting on the DHCP server to "Always dynamically update DNS A and PTR records." - This seems like the silver bullet, but I am hesitant to make this change for fear it might break something. Is this OK to change? From what I understand, Win7 clients need help updating their records and this setting does that...but, will it cause me other issues?

Has anyone else seen this?

Thanks for any help...this is a major obstacle in our Win 7 rollout....
0
Comment
Question by:Senniger1
7 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39946276
Yes, it is okay to change that setting. Although is generally for systems that can't update their own records with DNS.

What happens if you run IPCONFIG /REGISTERDNS from a Windows 7 command prompt? Does it ever show up in DNS?

Are your DNS zones Active Directory integrated? If so, are you doing Secure Updates only? Or another setting?

What functional level is your forest and domain at?
0
 

Author Comment

by:Senniger1
ID: 39946329
Hello...thanks for replying...

/Registerdns does not make it show up in DNS.

DNS is AD integrated with Dynamic updates set to "Secure Only".

Domain level is 2003.

Note: This is only happening on the Win 7 clients...Win XP DNS records are updating correctly.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39946375
Setting up DNS suffix will not help

Your dns zone is set to secure dynamic update already

In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab set Always dynamically update DNS A and PTR records, then DHCP server will always update host (A) and PTR records on behalf of clients (More preferable)
OR
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab if have set Dynamically update DNS A and PTR records only if requested by the DHCP clients
In this case if IP lease has changed then client computers will dynamically update DNS records and DHCP server will update PTR records

Also you must set domain service account in DHCP server properties (IPV4 in case of 2008) \ advanced \ credentials tab in order to dynamic update work correctly, otherwise it will fail.
You can create standard domain account with non expiring password for this purpose

Also you must set "Discard A and PTR records when dhcp lease expires" in order to delete expired DHCP leases from DHCP console automatically, otherwise you must delete expired DHCP leases from DHCP console manually.
Note that this will not delete DNS records automatically unless you setup DNS scavenging properly

Also add DHCP servers to DNSUpdateProxy group on domain Controllers

https://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx

To set scavenging properly check:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/

Check below EE articles
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28379478.html
http://www.experts-exchange.com/Networking/Protocols/DHCP/Q_28375413.html

Mahesh
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:Senniger1
ID: 39946517
Mahesh...

If I enable the "Always dynamically update DNS A and PTR records" - Do I have to add the credentials to the properties in DHCP?

All my XP clients are working fine with DNS records...it is just the Windows 7 clients that are not updating. If I toggle this setting on...do I have to do anything else?
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39946528
In any case you have to set credentials in DHCP properties
Because in any case DHCP either need to update Host(a) and PTR OR PTR records and since your DHCP server is running on Domain controller server
Hence its mandatory step
Also ensure that you type account password correctly in credentials, because it will not prompt any warning if you enter wrong password, then account will get locked frequently
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 39947444
It's time to update to AD/DNS/DHCP to at least 2008 and you should move to 2012.

XP and 2003 are end of life and no longer supported by microsoft.  they announced in 2010 that this would happen in 2014.  it is now 2014.

everything works much better in 2012 version.  things changed with how windows 7 clients interact with domain services.  windows 8 even more so.
0
 

Author Closing Comment

by:Senniger1
ID: 40054153
Thank you for your assistance!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now