Solved

DNS Dynamic Update

Posted on 2016-07-29
7
58 Views
Last Modified: 2016-07-29
I would like to understand some things more clearly.

Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?  How does it help anything in the case of the servers/domain controllers?  Is it ok to turn OFF Dynamic Updates?  Would it hurt anything?

Is there a best practice for having Dynamic Update turned on?  

Thanks in advance!

Dan
0
Comment
Question by:Danny Verrazano
  • 4
  • 2
7 Comments
 
LVL 33

Assisted Solution

by:paulmacd
paulmacd earned 100 total points
ID: 41734647
"Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?"
Nothing.

"How does it help anything in the case of the servers/domain controllers?"
It doesn't.

"Is it ok to turn OFF Dynamic Updates?"  
Yes.

"Would it hurt anything?"
Potentially.

"Is there a best practice for having Dynamic Update turned on?"
Dynamic updates is the method where a DHCP client updates DNS with its IP information, without the help of the DHCP server.  There are few risks to Dynamic Updates on a network you control.   On a less private network, you might want to turn off Dynamic Updates.
0
 

Author Comment

by:Danny Verrazano
ID: 41734654
"Would it hurt anything?"
 Potentially.


Can you explain or give examples of what could potentially be impacted?  

What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?
0
 

Author Comment

by:Danny Verrazano
ID: 41734670
Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??  That functionality would be gone correct?  If so, what impact could that have and is there anything else that could be impacted?
0
 
LVL 33

Expert Comment

by:paulmacd
ID: 41734826
"Can you explain or give examples of what could potentially be impacted?"
It's unlikely, but a scenario could exist where two devices assert to DNS that they have the same IP address.

"What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?"
Dynamic Update is just the process whereby a client updates DNS directly, without the intervention of a human or DHCP.  

DNS records are not scavenged the way DHCP leases are.


"Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??"
This is an interesting question.  I would guess there's no way to stop a Domain Controller from updating DNS since generally every DC is also a DNS server.  The idea of a DNS server that's unable to register records in its own database seems unlikely to me.
0
 

Author Comment

by:Danny Verrazano
ID: 41734888
So, what about in the case of NOT using Microsoft AD integrated DNS??    So the domain controllers are not actually DNS servers.  There is an external DNS infrastructure?  

Does anyone know what happens if Dynamic Update is turned off?  Will domain controllers no longer be able to automatically register SRV records when you restart netlogon service?  OR what if you just do ipconfig /registerdns??  Does that rely on Dynamic Updates as well?
0
 
LVL 39

Accepted Solution

by:
footech earned 400 total points
ID: 41734977
The advantage with dynamic updates, even with clients that are configured with static IPs, is that when it comes time to decommission the static server, if you've got DNS scavenging running, you don't have to spend time cleaning up their DNS records.  And if the static IP changes, likewise its record can be updated automatically instead of having to do it manually.

And yes, the server updates the timestamp on the record to prevent it from being scavenged.
1
 

Author Comment

by:Danny Verrazano
ID: 41735113
Thanks to all who contributed
0

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now