Solved

Windows 7 Clients Not Updating DNS records on Server 2003

Posted on 2014-03-21
7
2,804 Views
Last Modified: 2014-05-09
Problem: Windows 7 clients are not updating their DNS records creating DNS entries for multiple PCs with the same IP. This did not happen on our XP clients and has only started happening since deploy Win 7 clients.

Environment: Win 7/XP clients on Server 2003 DCs (DNS/DHCP), about 80 users

I have found several articles that recommend two things.

1. Updating the DNS tab on TCP/IP settings of the clients to append DNS suffixes and register them with DNS. (I have tried this, but it does not seem to work.)
2. Changing the setting on the DHCP server to "Always dynamically update DNS A and PTR records." - This seems like the silver bullet, but I am hesitant to make this change for fear it might break something. Is this OK to change? From what I understand, Win7 clients need help updating their records and this setting does that...but, will it cause me other issues?

Has anyone else seen this?

Thanks for any help...this is a major obstacle in our Win 7 rollout....
0
Comment
Question by:Senniger1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 39946276
Yes, it is okay to change that setting. Although is generally for systems that can't update their own records with DNS.

What happens if you run IPCONFIG /REGISTERDNS from a Windows 7 command prompt? Does it ever show up in DNS?

Are your DNS zones Active Directory integrated? If so, are you doing Secure Updates only? Or another setting?

What functional level is your forest and domain at?
0
 

Author Comment

by:Senniger1
ID: 39946329
Hello...thanks for replying...

/Registerdns does not make it show up in DNS.

DNS is AD integrated with Dynamic updates set to "Secure Only".

Domain level is 2003.

Note: This is only happening on the Win 7 clients...Win XP DNS records are updating correctly.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39946375
Setting up DNS suffix will not help

Your dns zone is set to secure dynamic update already

In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab set Always dynamically update DNS A and PTR records, then DHCP server will always update host (A) and PTR records on behalf of clients (More preferable)
OR
In the properties of DHCP server (Ipv4 in case of 2008 DHCP server), on the DNS tab if have set Dynamically update DNS A and PTR records only if requested by the DHCP clients
In this case if IP lease has changed then client computers will dynamically update DNS records and DHCP server will update PTR records

Also you must set domain service account in DHCP server properties (IPV4 in case of 2008) \ advanced \ credentials tab in order to dynamic update work correctly, otherwise it will fail.
You can create standard domain account with non expiring password for this purpose

Also you must set "Discard A and PTR records when dhcp lease expires" in order to delete expired DHCP leases from DHCP console automatically, otherwise you must delete expired DHCP leases from DHCP console manually.
Note that this will not delete DNS records automatically unless you setup DNS scavenging properly

Also add DHCP servers to DNSUpdateProxy group on domain Controllers

https://msmvps.com/blogs/acefekay/archive/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group.aspx

To set scavenging properly check:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/8d4b5f8e-3290-4a9b-8f9d-68fafdd895a2/dhcp-service-not-siscarding-a-and-ptr-records-in-dns-when-lease-is-deleted
http://241931348f64b1d1.wordpress.com/2010/11/08/how-to-configure-dns-scavenging-stale-record/

Check below EE articles
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28379478.html
http://www.experts-exchange.com/Networking/Protocols/DHCP/Q_28375413.html

Mahesh
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:Senniger1
ID: 39946517
Mahesh...

If I enable the "Always dynamically update DNS A and PTR records" - Do I have to add the credentials to the properties in DHCP?

All my XP clients are working fine with DNS records...it is just the Windows 7 clients that are not updating. If I toggle this setting on...do I have to do anything else?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39946528
In any case you have to set credentials in DHCP properties
Because in any case DHCP either need to update Host(a) and PTR OR PTR records and since your DHCP server is running on Domain controller server
Hence its mandatory step
Also ensure that you type account password correctly in credentials, because it will not prompt any warning if you enter wrong password, then account will get locked frequently
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 39947444
It's time to update to AD/DNS/DHCP to at least 2008 and you should move to 2012.

XP and 2003 are end of life and no longer supported by microsoft.  they announced in 2010 that this would happen in 2014.  it is now 2014.

everything works much better in 2012 version.  things changed with how windows 7 clients interact with domain services.  windows 8 even more so.
0
 

Author Closing Comment

by:Senniger1
ID: 40054153
Thank you for your assistance!
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
server crashed 2 59
windows Server 2003 in 2017 10 69
Chrome browsers suddenly reporting DNS_PROBE_FINISHED_BAD_CONFIG when searching 1 23
BgInfo help 5 59
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question