Some clients not dynamically updating DNS

Vitor Pereira 1 Reputation point
2023-05-06T17:16:26.6233333+00:00

I'm having trouble getting some clients to update DNS dynamically.

I have 3 networks (A, B & C) connected with site-to-site VPNs.

In A there's a 2012 R2 domain controller running DHCP (for its local network) and DNS.

For B & C, DHCP is done by the routers and they use DNS in A.

Windows 10 clients in B are updating DNS records on the DC in A, clients in C are NOT updating DNS records on the DC. If I move a laptop from C to B it updates the record.

B & C have the same configuration regarding DHCP options, firewall, VPN connection, etc.

Running secure or unsecure updates on the DNS doesn't make a difference. ipconfig /registerdns fails with the below:

The reason the system could not register these RRs was because the update request it sent to the DNS server timed out. The most likely cause of this is that the DNS server authoritative for the name it was attempting to register or update is not running at this time.

I can use nslookup on the client to make queries to the DNS server successfully. No firewalls blocking anything.

Using network monitor I can see this response to the update request.

Any ideas?

- Dns: QueryId = 0xB148, QUERY (Standard query), Response - Name Error 
    QueryIdentifier: 45384 (0xB148)
  - Flags:  Response, Opcode - QUERY (Standard query), RD, RA, Rcode - Name Error
     QR:                (1...............) Response
     Opcode:            (.0000...........) QUERY (Standard query) 0
     AA:                (.....0..........) Not authoritative
     TC:                (......0.........) Not truncated
     RD:                (.......1........) Recursion desired
     RA:                (........1.......) Recursive query support available
     Zero:              (.........0......) 0
     AuthenticatedData: (..........0.....) Not AuthenticatedData
     CheckingDisabled:  (...........0....) Not CheckingDisabled
     Rcode:             (............0011) Name Error 3
    QuestionCount: 1 (0x1)
    AnswerCount: 0 (0x0)
    NameServerCount: 1 (0x1)
    AdditionalCount: 0 (0x0)
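Decoding the header fields shown in the capture above, as an added example that is not part of the original post: the flags word 0x8183 carries Opcode 0 (QUERY), while an RFC 2136 dynamic update and its reply carry Opcode 5 and reuse the four count fields under other names, so a capture filter for the update exchange should key on the opcode. The `CAPTURED` bytes are rebuilt from the values in the dump; `SAMPLE_UPDATE_REFUSED` and the function names are constructed for illustration.

```python
import struct

# Opcode and RCODE names from RFC 1035 and RFC 2136 (dynamic update).
OPCODES = {0: "QUERY", 4: "NOTIFY", 5: "UPDATE"}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP",
          5: "REFUSED", 6: "YXDOMAIN", 7: "YXRRSET", 8: "NXRRSET",
          9: "NOTAUTH", 10: "NOTZONE"}
FLAG_BITS = (("AA", 0x0400), ("TC", 0x0200), ("RD", 0x0100),
             ("RA", 0x0080), ("AD", 0x0020), ("CD", 0x0010))


def parse_dns_header(message: bytes) -> dict:
    """Decode the fixed 12-byte DNS header at the start of a DNS message."""
    if len(message) < 12:
        raise ValueError("DNS header is 12 bytes, got %d" % len(message))
    msg_id, flags, c1, c2, c3, c4 = struct.unpack("!6H", message[:12])
    opcode = (flags >> 11) & 0xF
    rcode = flags & 0xF
    is_update = opcode == 5
    # RFC 2136 reuses the four count fields under different names.
    names = (("zocount", "prcount", "upcount", "adcount") if is_update
             else ("qdcount", "ancount", "nscount", "arcount"))
    header = {
        "id": msg_id,
        "response": bool(flags & 0x8000),
        "opcode": OPCODES.get(opcode, "OPCODE%d" % opcode),
        "rcode": RCODES.get(rcode, "RCODE%d" % rcode),
        "flags": [name for name, bit in FLAG_BITS if flags & bit],
        "is_update": is_update,
    }
    header.update(zip(names, (c1, c2, c3, c4)))
    return header


def is_update_response(message: bytes) -> bool:
    """True only for a server reply to a dynamic update (QR=1, opcode 5)."""
    h = parse_dns_header(message)
    return h["response"] and h["is_update"]


# Rebuilt from the capture: ID 0xB148, flags 0x8183, counts 1/0/1/0.
CAPTURED = bytes.fromhex("b1488183" "0001" "0000" "0001" "0000")
# Constructed for contrast (not from the page): an UPDATE reply with REFUSED.
SAMPLE_UPDATE_REFUSED = bytes.fromhex("b149a805" "0001" "0000" "0000" "0000")

if __name__ == "__main__":
    for label, msg in (("captured", CAPTURED), ("constructed", SAMPLE_UPDATE_REFUSED)):
        print(label, parse_dns_header(msg), "update reply:", is_update_response(msg))
```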

1 answer

  1. Khaled El-Sayed Mohamed 1,160 Reputation points
    2023-06-18T08:49:04.52+00:00

    Hi VP

    If Windows 10 clients in network C are unable to update DNS records on the domain controller in network A, while clients in network B can update successfully, there are a few potential causes for this issue. Here are some troubleshooting steps you can try to resolve the error message you mentioned:

    1. Verify connectivity: Ensure that the clients in network C can communicate with the domain controller in network A. Check the network configuration, firewall settings, and VPN connectivity between the two networks. Ensure that there are no network connectivity issues or restrictions that could prevent DNS updates.
    2. Check DNS server availability: Confirm that the DNS server in network A is running and available to accept DNS update requests. Check the DNS server's status, ensure it is operational, and check for any errors or warnings in the DNS server event logs.
    3. DNS zone configuration: Verify the DNS zone configuration on the domain controller in network A. Ensure that the zone allows dynamic updates from clients. You can check the zone properties in the DNS server management console and ensure that the zone is configured to allow dynamic updates.
    4. DNS server permissions: Ensure that the computer account of the domain controller in network A has the necessary permissions to create and update DNS records in the DNS zone. The computer account should have the "Write" permission set for the relevant DNS zone.
    5. Check client DNS settings: Verify that the DNS settings on the clients in network C are correctly configured to point to the DNS server in network A. Check the DNS server address configured in the network adapter settings of the clients and ensure it is set to the correct IP address of the domain controller in network A.
    6. Flush DNS cache: On the clients in network C, try flushing the DNS cache using the command ipconfig /flushdns. This will clear any cached DNS entries and allow the clients to attempt a fresh DNS registration.
    7. DNS suffix search order: Check the DNS suffix search order on the clients in network C. Ensure that the domain suffix of the Active Directory domain is listed in the search order. This can be checked and modified in the TCP/IP properties of the network adapter settings.
    8. DNS scavenging: Verify the DNS scavenging settings on the DNS server in network A. If DNS scavenging is enabled, it can delete stale or expired DNS records. Ensure that the scavenging settings are appropriate and not causing the deletion of DNS records for the clients in network C.
    9. Test with a static IP: As a test, try assigning a static IP address to a client in network C and manually register its DNS record using ipconfig /registerdns. If this succeeds, it may indicate an issue with DHCP or the dynamic DNS update process.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".