question

FredWeston-5071 asked

Windows 10 clients not registering with DNS

I am in the process of setting up DNS aging / scavenging on my AD DNS zone and the first step before I enable scavenging is to make sure that client DNS registration is working properly.

Here is a bit of background on the environment:

  • 3 Windows 2016 AD servers (2016 functional level)

  • DHCP is not handled by Windows, but the DNS servers DHCP clients receive are the AD servers

  • All clients are Windows 10 (mostly 20H2 but a few 2004 may be mixed in)

  • I have set a domain wide GPO to specify the client refresh interval under Computer Configuration -> Administrative Templates -> Network -> DNS Client -> Registration Refresh Interval -> Enabled / 1800

  • I have also specified the primary domain suffix (same as AD domain name) and enabled dynamic registration in the GPO at the same location

  • On my DNS servers, for the AD zone I have set the no-refresh interval to 1 hour

After waiting a day or so to ensure GPO has fully applied I am not seeing the behavior I expect and I need some help understanding why.

Based on my understanding of how this works, all clients should be trying to register their names with DNS when they get a DHCP lease and should subsequently be trying to refresh their hostnames every 30 mins (per GPO setting). Since I have the DNS zone's no-refresh interval set to 1 hour, I should see the timestamp for each client getting updated at least every 90 mins (60 min no-refresh period + 30 min refresh interval configured on client).

Unfortunately, the behavior I'm seeing seems to be all over the place. I see some clients that have refreshed their DNS registration as recently as a few hours ago and some that haven't done so since last year.

On a computer that hasn't updated since last year I verified that GPO was up to date, and I tried to force registration using ipconfig /registerdns and net stop netlogon & net start netlogon. Unfortunately, that didn't seem to have any effect as the DNS timestamp value for that PC has not changed. I tried looking in event viewer on that PC under both System and Windows > DNS Client sections but I didn't see any relevant info.

Questions:

1) Is my assumption that I should be seeing DNS timestamps for client devices that are at most 90 mins old correct?
2) What would be the next steps for troubleshooting the client that hasn't updated its DNS timestamp since last year?



windows-dhcp-dns

CandyLuo-MSFT answered

Hi,

Windows 10 clients not registering with DNS

If you manually delete the record, then run FlushDNS and RegisterDNS command, will the record be updated successfully?

DHCP is not handled by Windows, but the DNS servers DHCP clients receive are the AD servers

Did you mean that you are not using a Windows DHCP server? For this non-Windows DHCP server, did you configure it to perform dynamic DNS updates on behalf of the DHCP clients?

I see some clients that have refreshed their DNS registration as recently as a few hours ago and some that haven't done so since last year.

In addition, please check the ownership of these problematic DNS records and compare it with the ownership of normal DNS records.

Best Regards,

Candy


FredWeston-5071 answered

If you manually delete the record, then run FlushDNS and RegisterDNS command, will the record be updated successfully?

I'm not sure - what I determined is that if I use the registerdns command the host does actually register. The issue is that I was looking at the wrong DNS server. It seems that when clients register with DNS, they look up the SOA record for the zone and then choose a server (seemingly at random) to register with. If scavenging is not enabled on the zone, the record timestamps do not replicate between DNS servers, so I was looking at a server that showed an old timestamp, but when I looked specifically at the server the client registered with I did see an updated timestamp.

Did you mean that you are not using windows DHCP server? For this non-windows DHCP server, did you configure it to perform dynamic DNS updates on behalf of the DHCP clients?

No, there is no integration between DHCP/DNS for DDNS registration. I am relying on the clients themselves to register with DNS.

In addition, please check the ownership of these problematic DNS records and compare it with the ownership of normal DNS records.

All of the records show that the computer that created it has permission to update it. Is there anything beyond that that I would need to check?




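The check described in the last answer (reading the record's timestamp on every DNS server rather than on one) can be scripted before scavenging is switched on; this PowerShell sketch is an added example, not code from the thread. The zone, server and host names are placeholders, and the staleness threshold combines the 60-minute no-refresh interval and 30-minute refresh interval from the question.

```powershell
# Added example: compare one client's A-record timestamp across all DNS servers.
# Zone, server and host names below are placeholders (assumptions), not thread values.
param(
    [string]   $ZoneName         = 'corp.example.com',
    [string[]] $DnsServers       = @('dc01', 'dc02', 'dc03'),
    [string]   $HostName         = 'pc-0123',
    [int]      $NoRefreshMinutes = 60,   # zone no-refresh interval from the question
    [int]      $RefreshMinutes   = 30    # client Registration Refresh Interval (1800 s)
)

Import-Module DnsServer -ErrorAction Stop

# Record timestamps are stored with one-hour granularity, so allow an extra
# hour on top of no-refresh + refresh before calling a record stale.
$maxAge = New-TimeSpan -Minutes ($NoRefreshMinutes + $RefreshMinutes + 60)
$now    = Get-Date

$results = foreach ($server in $DnsServers) {
    try {
        $records = Get-DnsServerResourceRecord -ComputerName $server -ZoneName $ZoneName `
            -Name $HostName -RRType A -ErrorAction Stop
    } catch {
        # Record missing on this server, or the server could not be queried.
        [pscustomobject]@{ Server = $server; IPAddress = $null; Timestamp = $null
                           AgeMinutes = $null; Status = "Query failed: $($_.Exception.Message)" }
        continue
    }
    foreach ($r in $records) {
        if ($null -eq $r.Timestamp) {
            # Static records carry no timestamp and are never scavenged.
            $age = $null; $status = 'Static (no timestamp)'
        } else {
            $age    = [int]($now - $r.Timestamp).TotalMinutes
            $status = if (($now - $r.Timestamp) -gt $maxAge) { 'STALE on this server' } else { 'Fresh' }
        }
        [pscustomobject]@{
            Server     = $server
            IPAddress  = $r.RecordData.IPv4Address
            Timestamp  = $r.Timestamp
            AgeMinutes = $age
            Status     = $status
        }
    }
}

# A record that is 'Fresh' on one server and 'STALE' on the others matches the
# situation in the answer: the client registered, but with a different server.
$results | Sort-Object Server | Format-Table -AutoSize
```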