Hey everyone! I have a question about how DNS updates function in our network setup. We're experiencing some intermittent issues where certain Windows 10 and 11 clients aren't updating their machine names in Active Directory DNS. Sometimes, their machine names don't show up at all, leading to challenges with updates and support. We're using Active Directory for DHCP, but the clients are configured to use Cisco Umbrella servers for DNS. So I'm trying to figure out a few things:
- Is the DHCP server supposed to notify the AD DNS servers of client IP changes?
- Or is it the client's responsibility to inform the AD DNS server when their IP changes?
- Could it possibly be the Umbrella UVA that handles updating the AD DNS?
As someone who's more of a network guy focusing on the Umbrella side and not a Sysadmin dealing with AD DNS, I'm trying to understand this better!
5 Answers
You should be mindful that for clients with dynamic IP addresses, you might not care about consistent DNS mappings. If that's crucial, consider DHCP reservations for those machines. Generally, having a rigid naming policy can be challenging, especially as scale increases.
Just to add, if DHCP isn't set up to update DNS, that's an issue. Also, ensure that you've configured Umbrella properly. If there’s a setting that routes internal requests to your internal DNS, it needs to be set correctly—I've seen that cause connectivity glitches before.
For our user device VLANs (like laptops and desktops), the clients handle DDNS registration themselves. However, for VLANs that host printers, WAPs, or security devices, we have our InfoBlox appliances manage DDNS for those devices.
Yes, by default, DHCP updates DNS records automatically if you enable the right setting. Just a heads up though, if it's not set up correctly, it could lead to some insecure configurations. So take a look at that checkbox in your DHCP settings.
In a typical setup, the DHCP server is responsible for registering client records with DNS, assuming that setting is enabled in your DHCP scope (which it usually is). It won't communicate through the Umbrella DNS appliances, so that's not the issue.
One thing that really helped us with similar problems was setting up DNS scavenging. It's not enabled by default, and while it's not a perfect solution (there can still be DNS propagation delays), it significantly improved the accuracy of our records. Just keep in mind that DNS scavenging needs to be configured for each zone, including reverse-lookup zones.
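The settings the answers point at (the DNS update option on each DHCP scope, the dynamic-update mode of each zone, and per-zone aging including reverse-lookup zones) can be read in one pass. This is an added example, not part of any answer above; the two server names are placeholders, and it assumes the DhcpServer and DnsServer RSAT PowerShell modules and read access to both servers.

```powershell
# Added example: read-only audit of the DHCP and DNS settings discussed in this thread.
# Placeholders (assumptions, not values from the thread):
$DhcpServer = 'dhcp01.example.internal'
$DnsServer  = 'dc01.example.internal'

# 1. Per scope: does the DHCP server register DNS records on behalf of clients?
Get-DhcpServerv4Scope -ComputerName $DhcpServer | ForEach-Object {
    $dns = Get-DhcpServerv4DnsSetting -ComputerName $DhcpServer -ScopeId $_.ScopeId
    [pscustomobject]@{
        Scope               = $_.ScopeId
        Name                = $_.Name
        DynamicUpdates      = $dns.DynamicUpdates            # Never / OnClientRequest / Always
        UpdateOlderClients  = $dns.UpdateDnsRRForOlderClients
        DeleteOnLeaseExpiry = $dns.DeleteDnsRROnLeaseExpiry
        NameProtection      = $dns.NameProtection
    }
} | Format-Table -AutoSize

# 2. Per zone (forward and reverse): update mode and aging state.
Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated -and
                   $_.ZoneName -ne 'TrustAnchors' } |
    ForEach-Object {
        $aging = Get-DnsServerZoneAging -ComputerName $DnsServer -Name $_.ZoneName
        $notes = @()
        if ($_.DynamicUpdate -eq 'NonsecureAndSecure') {
            $notes += 'accepts unauthenticated updates'
        }
        if ($_.DynamicUpdate -eq 'None') {
            $notes += 'dynamic updates disabled'
        }
        if (-not $aging.AgingEnabled) {
            $notes += 'aging off: stale records are never scavenged'
        }
        [pscustomobject]@{
            Zone          = $_.ZoneName
            Reverse       = $_.IsReverseLookupZone
            DynamicUpdate = $_.DynamicUpdate
            AgingEnabled  = $aging.AgingEnabled
            NoRefresh     = $aging.NoRefreshInterval
            Refresh       = $aging.RefreshInterval
            Notes         = $notes -join '; '
        }
    } | Format-Table -AutoSize

# 3. Server level: per-zone aging does nothing unless a server actually scavenges.
Get-DnsServerScavenging -ComputerName $DnsServer |
    Format-List ScavengingState, ScavengingInterval, LastScavengeTime
```

A zone that reports `NonsecureAndSecure` will accept record changes from any host that can reach the DNS server, which is the insecure configuration one of the answers warns about.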