Solved

change static Active Directory DNS record to dynamic

Posted on 2014-12-30
6
1,904 Views
Last Modified: 2014-12-30
For our servers, i have manually changed some of our critical DNS records to static, as DNS was in bad shape when i arrived and wanted no potential hiccups on a production network.  Now that scavenging is fixed and shown to work for DHCP client systems and the server records are in order, i'd like to get back to dynamic records for the servers so no manual deletions will be needed going forward.  I've found online that registering manually at the server usin ipconfig /registerdns is supposed to initiate the record to go dynamic, but that hasn't worked.  How can i get my servers back to dynamic A records?
0
Comment
Question by:itsasupport
6 Comments
 
LVL 10

Expert Comment

by:schaps
ID: 40523783
Have you already done the following?

-Open DNS Manager.
-In the console tree, right-click the applicable zone, and then click Properties.
-On the General tab, verify that the zone type is either Primary or Active Directory-integrated.
-In Dynamic Updates, click Nonsecure and secure.

If so and no change, have you rebooted?
0
 

Author Comment

by:itsasupport
ID: 40523841
DNS/other servers were rebooted doin the MS updates for the month already. we only do secure updates and AD integrated.  would it not work with these settings?
0
 

Author Comment

by:itsasupport
ID: 40523849
was that the correct method?  or is there a better step by step to be sure i did it correctly other than just running ipconfig /flushdns from the problem computer only?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 39

Expert Comment

by:footech
ID: 40523905
I would leave it at secure only.
To change the record to dynamic, in the DNS console under View make sure you have Advanced checked > then go to the record > right-click and choose Properties > then check the box to delete the record when it becomes stale.  When you hit Apply you should see a timestamp on the record.  However, there have been times where I have seen this not stick for some reason.  In that case I would suggest deleting the record, then run ipconfig /registerdns on the server so that it will recreate the record.  This also has the benefit of ensuring that the security on the record is correct.
0
 
LVL 26

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 40523933
I've been doing some testing, and the dnscmd /ageallrecords command appears to do just what you want. However, you'll need to be careful with the parameters you supply to the command in order to change only the records you want. Here's what I've found in my testing:

Dnscmd /ageallrercords mydomain.local will change all static (same as parent folder) records in the root of the mydomain.local zone to dynamic.
Dnscmd /ageallrecords mydomain.local /tree will change all static records in the mydomain.local zone and all subzones to dynamic.
Dnscmd /ageallrecords mydomain.local server1 will change the server1.mydomain.local record to dynamic.

I recommend creating a test zone, populating it with some random test records and/or subzones, and experimenting a little before running this command on a production zone, so you'll know what to expect. There are a couple of important things to be aware of:

The timestamp applied to the records will be the current time rounded down to the nearest hour. (Running the command at 10:55am on 12/30/2014, for example, applies a timestamp of 12/30/2014 10:00am.)
The documentation for the command (see the link above) implies that running the command on a record that's already dynamic will update the record's timestamp, but this didn't happen in my testing, which was performed in Windows Server 2012 R2. Records that were already dynamic were unchanged by the command.
0
 

Author Comment

by:itsasupport
ID: 40524254
DrDave242, you are correct.  the syntax after testing and creating a test zone is:

dnscmd /ageallrecords FQDN_zone_name server_name /f

(also have to have scavenging on the zone set or it will fail)

the /f is to not prompt "are you sure" type of thing.

thanks everyone.  that did it.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now