Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

DNS Dynamic Update

Posted on 2016-07-29
7
67 Views
Last Modified: 2016-07-29
I would like to understand some things more clearly.

Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?  How does it help anything in the case of the servers/domain controllers?  Is it ok to turn OFF Dynamic Updates?  Would it hurt anything?

Is there a best practice for having Dynamic Update turned on?  

Thanks in advance!

Dan
0
Comment
Question by:Danny Verrazano
  • 4
  • 2
7 Comments
 
LVL 34

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 100 total points
ID: 41734647
"Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?"
Nothing.

"How does it help anything in the case of the servers/domain controllers?"
It doesn't.

"Is it ok to turn OFF Dynamic Updates?"  
Yes.

"Would it hurt anything?"
Potentially.

"Is there a best practice for having Dynamic Update turned on?"
Dynamic updates is the method where a DHCP client updates DNS with its IP information, without the help of the DHCP server.  There are few risks to Dynamic Updates on a network you control.   On a less private network, you might want to turn off Dynamic Updates.
0
 

Author Comment

by:Danny Verrazano
ID: 41734654
"Would it hurt anything?"
 Potentially.


Can you explain or give examples of what could potentially be impacted?  

What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?
0
 

Author Comment

by:Danny Verrazano
ID: 41734670
Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??  That functionality would be gone correct?  If so, what impact could that have and is there anything else that could be impacted?
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41734826
"Can you explain or give examples of what could potentially be impacted?"
It's unlikely, but a scenario could exist where two devices assert to DNS that they have the same IP address.

"What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?"
Dynamic Update is just the process whereby a client updates DNS directly, without the intervention of a human or DHCP.  

DNS records are not scavenged the way DHCP leases are.


"Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??"
This is an interesting question.  I would guess there's no way to stop a Domain Controller from updating DNS since generally every DC is also a DNS server.  The idea of a DNS server that's unable to register records in its own database seems unlikely to me.
0
 

Author Comment

by:Danny Verrazano
ID: 41734888
So, what about in the case of NOT using Microsoft AD integrated DNS??    So the domain controllers are not actually DNS servers.  There is an external DNS infrastructure?  

Does anyone know what happens if Dynamic Update is turned off?  Will domain controllers no longer be able to automatically register SRV records when you restart netlogon service?  OR what if you just do ipconfig /registerdns??  Does that rely on Dynamic Updates as well?
0
 
LVL 39

Accepted Solution

by:
footech earned 400 total points
ID: 41734977
The advantage with dynamic updates, even with clients that are configured with static IPs, is that when it comes time to decommission the static server, if you've got DNS scavenging running, you don't have to spend time cleaning up their DNS records.  And if the static IP changes, likewise its record can be updated automatically instead of having to do it manually.

And yes, the server updates the timestamp on the record to prevent it from being scavenged.
1
 

Author Comment

by:Danny Verrazano
ID: 41735113
Thanks to all who contributed
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question