No Dynamic Update

18/07/2006, 19h15

Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as
primary, AD is running on all DNS servers. No dcdiag or netdiag errors.
No error with dcdiag /test:dns No replication errors.

But dynamic DNS is not running properly, seems a few machines update but not
others. All running DHCP with Dynamic Update. Found tis problem when I had
to move several machines between sites (subnets).

Anything I can check?? Is there a way to force DNS replication so all AD
servers show same version or is this just part of normal AD replication??

dave Admin

19/07/2006, 17h06

Are you running just primary zones or AD-integrated? AD-integrated zones
replicate with active directory replication, so this could be a case why some
dns servers are not updating right away. You should check Sites and Services
to see when your site replication occurs, and determine if this is why the
records are not updating.

"Dave Mackler" wrote:

> Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as
> primary, AD is running on all DNS servers. No dcdiag or netdiag errors.
> No error with dcdiag /test:dns No replication errors.
>
> But dynamic DNS is not running properly, seems a few machines update but not
> others. All running DHCP with Dynamic Update. Found tis problem when I had
> to move several machines between sites (subnets).
>
> Anything I can check?? Is there a way to force DNS replication so all AD
> servers show same version or is this just part of normal AD replication??
>
> dave Admin
>
>
>
>

19/07/2006, 18h22

Dave Mackler wrote:
> Servers are 2003, SP1, one DNS server in each of 4 locations, all
> setup as primary, AD is running on all DNS servers. No dcdiag or
> netdiag errors. No error with dcdiag /test:dns No replication errors.
>
> But dynamic DNS is not running properly, seems a few machines update
> but not others. All running DHCP with Dynamic Update. Found tis
> problem when I had to move several machines between sites (subnets).
>
> Anything I can check?? Is there a way to force DNS replication so
> all AD servers show same version or is this just part of normal AD
> replication??

Windows Server 2003 DHCP should be configured with a dedicated user account
with a non-expiring password for registering in DNS, and all DHCP servers
should be configured with the same user account. Is this done?
This is so each DHCP server can update DNS records registered by another
DHCP server in the forest.

How to configure DNS dynamic updates in Windows Server 2003:
http://support.microsoft.com/default...b;en-us;816592

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

16/10/2006, 11h18

Hi,

I have a similar problem.

Dynamic updates are not funtioning when using "Secure Only" updates. But
when I choose "Secure and Non-Secure" it is working right away.

With "Secure and Non-Secure" I can do a "ipconfig /registerdns" on the
clients and they will get registered right away. With "Secure Only" this
approach does not work.

I am running AD integrated zones and Windows 2003 native domain and forest.
I have a dedicated DHCP user account and the DCs is member of DNSUpdateProxy
since the DHCP servers resides on the DCs.

I hope someone can me.

Regards

Brian

"Dave Mackler" <dmackler@mds.acsol.net> skrev i en meddelelse
news:eXebyYpqGHA.1796@TK2MSFTNGP03.phx.gbl...
> Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as
> primary, AD is running on all DNS servers. No dcdiag or netdiag errors.
> No error with dcdiag /test:dns No replication errors.
>
> But dynamic DNS is not running properly, seems a few machines update but
> not others. All running DHCP with Dynamic Update. Found tis problem when
> I had to move several machines between sites (subnets).
>
> Anything I can check?? Is there a way to force DNS replication so all AD
> servers show same version or is this just part of normal AD replication??
>
> dave Admin
>
>

16/10/2006, 18h03

Brian Nielsen wrote:
> Hi,
>
> I have a similar problem.
>
> Dynamic updates are not funtioning when using "Secure Only" updates.
> But when I choose "Secure and Non-Secure" it is working right away.
>
> With "Secure and Non-Secure" I can do a "ipconfig /registerdns" on the
> clients and they will get registered right away. With "Secure Only"
> this approach does not work.
>
> I am running AD integrated zones and Windows 2003 native domain and
> forest. I have a dedicated DHCP user account and the DCs is member of
> DNSUpdateProxy since the DHCP servers resides on the DCs.
>
> I hope someone can me.

The DNSUpdateProxy group cannot be used for Secure updates.
Create a new user account with a non-expiring strong password, and no
special privilegdes. On the Advnced tab of the DHCP server properties sheet,
click the credentials button, enter the user name and password for the
account.

I recommend adding Windows 2000 option 002 for release IP lease on shutdown,
Always update DNS, and remove A & PTR records when lease expires.
Clear the "register this connections addresses in DNS" on the clients, and
delete all dynamic records, then run ipconfig /release & ipconfig /renew on
all clients. This causes the Account to take ownership of the records then
DHCP can keep DNS updated.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

17/10/2006, 07h41

Hi,

I have made the changes you suggest, but my clients are still not registered
in DNS. Not even when I do a ipconfig /registerdns. But as soon as I change
to nonsecure updates the clients are registered right away.

I hope you have another idea.

Best Regards

Brian

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> skrev i en meddelelse
news:%23JVhwTU8GHA.4740@TK2MSFTNGP02.phx.gbl...
>
> The DNSUpdateProxy group cannot be used for Secure updates.
> Create a new user account with a non-expiring strong password, and no
> special privilegdes. On the Advnced tab of the DHCP server properties
> sheet,
> click the credentials button, enter the user name and password for the
> account.
>
> I recommend adding Windows 2000 option 002 for release IP lease on
> shutdown,
> Always update DNS, and remove A & PTR records when lease expires.
> Clear the "register this connections addresses in DNS" on the clients, and
> delete all dynamic records, then run ipconfig /release & ipconfig /renew
> on
> all clients. This causes the Account to take ownership of the records then
> DHCP can keep DNS updated.
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This s
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oe.com/OEBackup/Default.aspx
> ===================================
>
>

18/07/2006, 19h15	#1
Dave Mackler Messages: n/a Hébergeur:	No Dynamic Update Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as primary, AD is running on all DNS servers. No dcdiag or netdiag errors. No error with dcdiag /test:dns No replication errors. But dynamic DNS is not running properly, seems a few machines update but not others. All running DHCP with Dynamic Update. Found tis problem when I had to move several machines between sites (subnets). Anything I can check?? Is there a way to force DNS replication so all AD servers show same version or is this just part of normal AD replication?? dave Admin

19/07/2006, 17h06	#2
Spenceation Messages: n/a Hébergeur:	RE: No Dynamic Update Are you running just primary zones or AD-integrated? AD-integrated zones replicate with active directory replication, so this could be a case why some dns servers are not updating right away. You should check Sites and Services to see when your site replication occurs, and determine if this is why the records are not updating. "Dave Mackler" wrote: > Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as > primary, AD is running on all DNS servers. No dcdiag or netdiag errors. > No error with dcdiag /test:dns No replication errors. > > But dynamic DNS is not running properly, seems a few machines update but not > others. All running DHCP with Dynamic Update. Found tis problem when I had > to move several machines between sites (subnets). > > Anything I can check?? Is there a way to force DNS replication so all AD > servers show same version or is this just part of normal AD replication?? > > dave Admin > > > >

19/07/2006, 18h22	#3
Kevin D. Goodknecht Sr. [MVP] Messages: n/a Hébergeur:	Re: No Dynamic Update Dave Mackler wrote: > Servers are 2003, SP1, one DNS server in each of 4 locations, all > setup as primary, AD is running on all DNS servers. No dcdiag or > netdiag errors. No error with dcdiag /test:dns No replication errors. > > But dynamic DNS is not running properly, seems a few machines update > but not others. All running DHCP with Dynamic Update. Found tis > problem when I had to move several machines between sites (subnets). > > Anything I can check?? Is there a way to force DNS replication so > all AD servers show same version or is this just part of normal AD > replication?? Windows Server 2003 DHCP should be configured with a dedicated user account with a non-expiring password for registering in DNS, and all DHCP servers should be configured with the same user account. Is this done? This is so each DHCP server can update DNS records registered by another DHCP server in the forest. How to configure DNS dynamic updates in Windows Server 2003: http://support.microsoft.com/default...b;en-us;816592 -- Best regards, Kevin D. Goodknecht Sr. [MVP] Hope This s =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ http://support.wftx.us/ https://secure.lsaol.com/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oe.com/OEBackup/Default.aspx ===================================

16/10/2006, 11h18	#4
Brian Nielsen Messages: n/a Hébergeur:	Re: No Dynamic Update Hi, I have a similar problem. Dynamic updates are not funtioning when using "Secure Only" updates. But when I choose "Secure and Non-Secure" it is working right away. With "Secure and Non-Secure" I can do a "ipconfig /registerdns" on the clients and they will get registered right away. With "Secure Only" this approach does not work. I am running AD integrated zones and Windows 2003 native domain and forest. I have a dedicated DHCP user account and the DCs is member of DNSUpdateProxy since the DHCP servers resides on the DCs. I hope someone can me. Regards Brian "Dave Mackler" <dmackler@mds.acsol.net> skrev i en meddelelse news:eXebyYpqGHA.1796@TK2MSFTNGP03.phx.gbl... > Servers are 2003, SP1, one DNS server in each of 4 locations, all setup as > primary, AD is running on all DNS servers. No dcdiag or netdiag errors. > No error with dcdiag /test:dns No replication errors. > > But dynamic DNS is not running properly, seems a few machines update but > not others. All running DHCP with Dynamic Update. Found tis problem when > I had to move several machines between sites (subnets). > > Anything I can check?? Is there a way to force DNS replication so all AD > servers show same version or is this just part of normal AD replication?? > > dave Admin > >

16/10/2006, 18h03	#5
Kevin D. Goodknecht Sr. [MVP] Messages: n/a Hébergeur:	Re: No Dynamic Update Brian Nielsen wrote: > Hi, > > I have a similar problem. > > Dynamic updates are not funtioning when using "Secure Only" updates. > But when I choose "Secure and Non-Secure" it is working right away. > > With "Secure and Non-Secure" I can do a "ipconfig /registerdns" on the > clients and they will get registered right away. With "Secure Only" > this approach does not work. > > I am running AD integrated zones and Windows 2003 native domain and > forest. I have a dedicated DHCP user account and the DCs is member of > DNSUpdateProxy since the DHCP servers resides on the DCs. > > I hope someone can me. The DNSUpdateProxy group cannot be used for Secure updates. Create a new user account with a non-expiring strong password, and no special privilegdes. On the Advnced tab of the DHCP server properties sheet, click the credentials button, enter the user name and password for the account. I recommend adding Windows 2000 option 002 for release IP lease on shutdown, Always update DNS, and remove A & PTR records when lease expires. Clear the "register this connections addresses in DNS" on the clients, and delete all dynamic records, then run ipconfig /release & ipconfig /renew on all clients. This causes the Account to take ownership of the records then DHCP can keep DNS updated. -- Best regards, Kevin D. Goodknecht Sr. [MVP] Hope This s =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ http://support.wftx.us/ http://message.wftx.us/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oe.com/OEBackup/Default.aspx ===================================

17/10/2006, 07h41	#6
Brian Nielsen Messages: n/a Hébergeur:	Re: No Dynamic Update Hi, I have made the changes you suggest, but my clients are still not registered in DNS. Not even when I do a ipconfig /registerdns. But as soon as I change to nonsecure updates the clients are registered right away. I hope you have another idea. Best Regards Brian "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> skrev i en meddelelse news:%23JVhwTU8GHA.4740@TK2MSFTNGP02.phx.gbl... > > The DNSUpdateProxy group cannot be used for Secure updates. > Create a new user account with a non-expiring strong password, and no > special privilegdes. On the Advnced tab of the DHCP server properties > sheet, > click the credentials button, enter the user name and password for the > account. > > I recommend adding Windows 2000 option 002 for release IP lease on > shutdown, > Always update DNS, and remove A & PTR records when lease expires. > Clear the "register this connections addresses in DNS" on the clients, and > delete all dynamic records, then run ipconfig /release & ipconfig /renew > on > all clients. This causes the Account to take ownership of the records then > DHCP can keep DNS updated. > > -- > Best regards, > Kevin D. Goodknecht Sr. [MVP] > Hope This s > =================================== > When responding to posts, please "Reply to Group" > via your newsreader so that others may learn and > benefit from your issue, to respond directly to > me remove the nospam. from my email address. > =================================== > http://www.lonestaramerica.com/ > http://support.wftx.us/ > http://message.wftx.us/ > =================================== > Use Outlook Express?... Get OE_Quotefix: > It will strip signature out and more > http://home.in.tum.de/~jain/software/oe-quotefix/ > =================================== > Keep a back up of your OE settings and folders > with OEBackup: > http://www.oe.com/OEBackup/Default.aspx > =================================== > >

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email