Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

change static Active Directory DNS record to dynamic

Posted on 2014-12-30
6
Medium Priority
?
2,820 Views
Last Modified: 2014-12-30
For our servers, i have manually changed some of our critical DNS records to static, as DNS was in bad shape when i arrived and wanted no potential hiccups on a production network.  Now that scavenging is fixed and shown to work for DHCP client systems and the server records are in order, i'd like to get back to dynamic records for the servers so no manual deletions will be needed going forward.  I've found online that registering manually at the server usin ipconfig /registerdns is supposed to initiate the record to go dynamic, but that hasn't worked.  How can i get my servers back to dynamic A records?
0
Comment
Question by:itsasupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 10

Expert Comment

by:schaps
ID: 40523783
Have you already done the following?

-Open DNS Manager.
-In the console tree, right-click the applicable zone, and then click Properties.
-On the General tab, verify that the zone type is either Primary or Active Directory-integrated.
-In Dynamic Updates, click Nonsecure and secure.

If so and no change, have you rebooted?
0
 

Author Comment

by:itsasupport
ID: 40523841
DNS/other servers were rebooted doin the MS updates for the month already. we only do secure updates and AD integrated.  would it not work with these settings?
0
 

Author Comment

by:itsasupport
ID: 40523849
was that the correct method?  or is there a better step by step to be sure i did it correctly other than just running ipconfig /flushdns from the problem computer only?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 41

Expert Comment

by:footech
ID: 40523905
I would leave it at secure only.
To change the record to dynamic, in the DNS console under View make sure you have Advanced checked > then go to the record > right-click and choose Properties > then check the box to delete the record when it becomes stale.  When you hit Apply you should see a timestamp on the record.  However, there have been times where I have seen this not stick for some reason.  In that case I would suggest deleting the record, then run ipconfig /registerdns on the server so that it will recreate the record.  This also has the benefit of ensuring that the security on the record is correct.
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 2000 total points
ID: 40523933
I've been doing some testing, and the dnscmd /ageallrecords command appears to do just what you want. However, you'll need to be careful with the parameters you supply to the command in order to change only the records you want. Here's what I've found in my testing:

Dnscmd /ageallrercords mydomain.local will change all static (same as parent folder) records in the root of the mydomain.local zone to dynamic.
Dnscmd /ageallrecords mydomain.local /tree will change all static records in the mydomain.local zone and all subzones to dynamic.
Dnscmd /ageallrecords mydomain.local server1 will change the server1.mydomain.local record to dynamic.

I recommend creating a test zone, populating it with some random test records and/or subzones, and experimenting a little before running this command on a production zone, so you'll know what to expect. There are a couple of important things to be aware of:

The timestamp applied to the records will be the current time rounded down to the nearest hour. (Running the command at 10:55am on 12/30/2014, for example, applies a timestamp of 12/30/2014 10:00am.)
The documentation for the command (see the link above) implies that running the command on a record that's already dynamic will update the record's timestamp, but this didn't happen in my testing, which was performed in Windows Server 2012 R2. Records that were already dynamic were unchanged by the command.
0
 

Author Comment

by:itsasupport
ID: 40524254
DrDave242, you are correct.  the syntax after testing and creating a test zone is:

dnscmd /ageallrecords FQDN_zone_name server_name /f

(also have to have scavenging on the zone set or it will fail)

the /f is to not prompt "are you sure" type of thing.

thanks everyone.  that did it.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question