DHCP and DNS are not in sync

[bence8810]

Hi

We are a small office of a large network, and at each office we have a Domain controller, and an Exchange server.

The exchange is responsible for DHCP leases and the Domain controller for DNS. There is a replication among all DNS servers around the globe.

What I recently noted, is that the DNS record on my DC are not the same as the DHCP records on my Exchange.

What happens is that someone gets a new PC, so the old one is renamed, and the new one is added to the Domain with the same name. DHCP will give it a new IP, as the MAC address is new, but it wont auto refresh the DNS. When I try to connect to it with its name, I get connected to the old machine, therefore I researched, and found that DNS entries are not refreshed at all.

Is there a way to set DHCP and DNS to auto-synch among them?

Thanks

Ben

 

[Paulreg]

Windows 2000 and later DHCP clients include option 81 which asks the DHCP server to update DNS PTR record. The client should then update its own A record. Earlier clients relied on the DHCP to update both PTR and A records.

 

[bence8810]

Hi

Yes, I also thought it should work, but for some reason, the old entries stay in DNS, and the new PC wont update the old entry in DNS, even though in DHCP it is correct.

What else can be wrong? Some permission issues?

Thanks

Ben

 

[Paulreg]

On the General tab for the properties of the zone, are Dynamic updates enabled ?
You should only be allowing Secure Dynamic updates so the DHCP server should be a member of the DNSUpdateProxy group.

 

[wcburton]

There are permissions on the DNS records that correspond to a computer object in AD. When you are giving the new PC the same name as the old, it does not get the same AD object as the old and so it does not have rights to the DNS entry.

We had this happening on our DNS as well but I was not able to get a clear answer on what was happening to get this out of sync. I think what we did was delete the incorrect DNS entry and then upon recreation of the record, the permissions would be correct.

If someone can fill in the blanks on this it would be appreciated.

 

[bence8810]

Hi

Thanks for all the answers. I was checking the DHCP logs just now for the PC that was not updated, and I found it appears to be a Success as per the log file. The IP address is the right one too, however in DNS, the IP did not change, it remains to be the old / outdated one.

What can be the reason? In Event Viewer I dont see any DNS related errors either.

Thanks

Ben

30,01/11/08,09:19:32,DNS Update Request,18.84.10.10,pcname.global.loc,,
11,01/11/08,09:19:32,Renew,10.10.84.18,pcname.global.loc,MACADDRESS,
32,01/11/08,09:19:32,DNS Update Successful,10.10.84.18,pcname.global.loc,,

 

[bence8810]

Hi

Sorry to re-post in such a short term, I am starting to lose my mind.

If I ping the pcname.global.loc, I get the old IP. If I nslookup for the old ip, I get a missing record and when I nslookup for the new IP, I get the pcname.global.loc, which is strange.

It seems ping (reverse lookup) gives bad results, but nslookup (forward lookup) gives the right ones? I dont know anymore.

Here it is how it looks:

Any help is appreciated,
Ben

C:\>ping pcname

Pinging pcname.global.loc [10.10.84.37] with 32 bytes of
 data:

Request timed out.

Ping statistics for 10.10.84.37:
    Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
Control-C
^C
C:\>nslookup 10.10.84.18
Server:  domaincontroller.global.loc
Address:  10.10.80.1

Name:    pcname.global.loc
Address:  10.10.84.18


C:\>nslookup 10.10.84.37
Server:  domaincontroller.global.loc
Address:  10.10.80.1

*** domaincontroller.global.loc can't find 10.10.84.37: Non-existent d
omain

C:\>

...and to top this off, I verified in the DNS records. The Reverse DNS is correct, but the Forward DNS is still on the old IP.

What can be the cause?