Solved

DNS Dynamic Update

Posted on 2016-07-29
7
65 Views
Last Modified: 2016-07-29
I would like to understand some things more clearly.

Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?  How does it help anything in the case of the servers/domain controllers?  Is it ok to turn OFF Dynamic Updates?  Would it hurt anything?

Is there a best practice for having Dynamic Update turned on?  

Thanks in advance!

Dan
0
Comment
Question by:Danny Verrazano
  • 4
  • 2
7 Comments
 
LVL 34

Assisted Solution

by:Paul MacDonald
Paul MacDonald earned 100 total points
ID: 41734647
"Lets say I have servers and domain controllers with static IP addresses.  What does Dynamic Update really do for me?"
Nothing.

"How does it help anything in the case of the servers/domain controllers?"
It doesn't.

"Is it ok to turn OFF Dynamic Updates?"  
Yes.

"Would it hurt anything?"
Potentially.

"Is there a best practice for having Dynamic Update turned on?"
Dynamic updates is the method where a DHCP client updates DNS with its IP information, without the help of the DHCP server.  There are few risks to Dynamic Updates on a network you control.   On a less private network, you might want to turn off Dynamic Updates.
0
 

Author Comment

by:Danny Verrazano
ID: 41734654
"Would it hurt anything?"
 Potentially.


Can you explain or give examples of what could potentially be impacted?  

What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?
0
 

Author Comment

by:Danny Verrazano
ID: 41734670
Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??  That functionality would be gone correct?  If so, what impact could that have and is there anything else that could be impacted?
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 41734826
"Can you explain or give examples of what could potentially be impacted?"
It's unlikely, but a scenario could exist where two devices assert to DNS that they have the same IP address.

"What exactly does a server/domain controller with static IP addresses do with Dynamic Update??  I am guessing maybe a server will update the timestamp on the record in DNS to prevent it from ever being scavenged??  Does it work that way at all?"
Dynamic Update is just the process whereby a client updates DNS directly, without the intervention of a human or DHCP.  

DNS records are not scavenged the way DHCP leases are.


"Also, would I be correct in saying that a domain controller would NOT be able to re-register SRV records when restarting netlogon service or when the domain controller is restarted??"
This is an interesting question.  I would guess there's no way to stop a Domain Controller from updating DNS since generally every DC is also a DNS server.  The idea of a DNS server that's unable to register records in its own database seems unlikely to me.
0
 

Author Comment

by:Danny Verrazano
ID: 41734888
So, what about in the case of NOT using Microsoft AD integrated DNS??    So the domain controllers are not actually DNS servers.  There is an external DNS infrastructure?  

Does anyone know what happens if Dynamic Update is turned off?  Will domain controllers no longer be able to automatically register SRV records when you restart netlogon service?  OR what if you just do ipconfig /registerdns??  Does that rely on Dynamic Updates as well?
0
 
LVL 39

Accepted Solution

by:
footech earned 400 total points
ID: 41734977
The advantage with dynamic updates, even with clients that are configured with static IPs, is that when it comes time to decommission the static server, if you've got DNS scavenging running, you don't have to spend time cleaning up their DNS records.  And if the static IP changes, likewise its record can be updated automatically instead of having to do it manually.

And yes, the server updates the timestamp on the record to prevent it from being scavenged.
1
 

Author Comment

by:Danny Verrazano
ID: 41735113
Thanks to all who contributed
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now