Solved

change static Active Directory DNS record to dynamic

Posted on 2014-12-30
6
2,418 Views
Last Modified: 2014-12-30
For our servers, i have manually changed some of our critical DNS records to static, as DNS was in bad shape when i arrived and wanted no potential hiccups on a production network.  Now that scavenging is fixed and shown to work for DHCP client systems and the server records are in order, i'd like to get back to dynamic records for the servers so no manual deletions will be needed going forward.  I've found online that registering manually at the server usin ipconfig /registerdns is supposed to initiate the record to go dynamic, but that hasn't worked.  How can i get my servers back to dynamic A records?
0
Comment
Question by:itsasupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:schaps
ID: 40523783
Have you already done the following?

-Open DNS Manager.
-In the console tree, right-click the applicable zone, and then click Properties.
-On the General tab, verify that the zone type is either Primary or Active Directory-integrated.
-In Dynamic Updates, click Nonsecure and secure.

If so and no change, have you rebooted?
0
 

Author Comment

by:itsasupport
ID: 40523841
DNS/other servers were rebooted doin the MS updates for the month already. we only do secure updates and AD integrated.  would it not work with these settings?
0
 

Author Comment

by:itsasupport
ID: 40523849
was that the correct method?  or is there a better step by step to be sure i did it correctly other than just running ipconfig /flushdns from the problem computer only?
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 40

Expert Comment

by:footech
ID: 40523905
I would leave it at secure only.
To change the record to dynamic, in the DNS console under View make sure you have Advanced checked > then go to the record > right-click and choose Properties > then check the box to delete the record when it becomes stale.  When you hit Apply you should see a timestamp on the record.  However, there have been times where I have seen this not stick for some reason.  In that case I would suggest deleting the record, then run ipconfig /registerdns on the server so that it will recreate the record.  This also has the benefit of ensuring that the security on the record is correct.
0
 
LVL 26

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 40523933
I've been doing some testing, and the dnscmd /ageallrecords command appears to do just what you want. However, you'll need to be careful with the parameters you supply to the command in order to change only the records you want. Here's what I've found in my testing:

Dnscmd /ageallrercords mydomain.local will change all static (same as parent folder) records in the root of the mydomain.local zone to dynamic.
Dnscmd /ageallrecords mydomain.local /tree will change all static records in the mydomain.local zone and all subzones to dynamic.
Dnscmd /ageallrecords mydomain.local server1 will change the server1.mydomain.local record to dynamic.

I recommend creating a test zone, populating it with some random test records and/or subzones, and experimenting a little before running this command on a production zone, so you'll know what to expect. There are a couple of important things to be aware of:

The timestamp applied to the records will be the current time rounded down to the nearest hour. (Running the command at 10:55am on 12/30/2014, for example, applies a timestamp of 12/30/2014 10:00am.)
The documentation for the command (see the link above) implies that running the command on a record that's already dynamic will update the record's timestamp, but this didn't happen in my testing, which was performed in Windows Server 2012 R2. Records that were already dynamic were unchanged by the command.
0
 

Author Comment

by:itsasupport
ID: 40524254
DrDave242, you are correct.  the syntax after testing and creating a test zone is:

dnscmd /ageallrecords FQDN_zone_name server_name /f

(also have to have scavenging on the zone set or it will fail)

the /f is to not prompt "are you sure" type of thing.

thanks everyone.  that did it.
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question