I am in the process of setting up DNS aging / scavenging on my AD DNS zone and the first step before I enable scavenging is to make sure that client DNS registration is working properly.
Here is a bit of background on the environment:
3 Windows 2016 AD servers (2016 functional level)
DHCP is not handled by Windows, but the DNS servers DHCP clients receive are the AD servers
All clients are Windows 10 (mostly 20H2 but a few 2004 may be mixed in)
I have set a domain wide GPO to specify the client refresh interval under Computer Configuration -> Administrative Templates -> Network -> DNS Client -> Registration Refresh Interval -> Enabled / 1800
I have also specified the primary domain suffix (same as AD domain name) and enabled dynamic registration in the GPO at the same location
On my DNS servers, for the AD zone I have set the no-refresh interval to 1 hour
After waiting a day or so to ensure GPO has fully applied I am not seeing the behavior I expect and I need some help understanding why.
Based on my understanding of how this works, all clients should be trying to register their names with DNS when they get a DHCP lease and should subsequently be trying to refresh their hostnames every 30 mins (per GPO setting). Since I have the DNS zone's no-refresh interval set to 1 hour, I should see the timestamp for each client getting updated at least every 90 mins (60 min no-refresh period + 30 min refresh interval configured on client).
Unfortunately, the behavior I'm seeing seems to be all over the place. I see some clients that have refreshed their DNS registration as recently as a few hours ago and some that haven't done so since last year.
On a computer that hasn't updated since last year I verified that GPO was up to date, and I tried to force registration using ipconfig /registerdns and net stop netlogon & net start netlogon. Unfortunately, that didn't seem to have any effect as the DNS timestamp value for that PC has not changed. I tried looking in event viewer on that PC under both System and Windows > DNS Client sections but I didn't see any relevant info.
1) Is my assumption that I should be seeing DNS timestamps for client devices that are at most 90 mins old correct?
2) What would be the next steps for troubleshooting the client that hasn't updated its DNS timestamp since last year?