DHCP, DNS, DDNS Question

05-22-2006, 05:04 PM

I am in the middle of a Novell to Windows migration. As part of this process,
I installed AD on Win 2003, and configured DNS at that time. I just did a
typical DNS configuration.

Additionally, I set up DHCP and configured the scopes. For the most part, I
left all the default settings. I also configured WINS at the same time.

It is my understanding that as client (WinXP) start to take addresses from
DHCP, the DNS name of that system should be registered in DNS. However, I am
not finding these A records or PTR records listed at all.

The only exception is when I actually join the system to the domain, then
the system is registered with A and PTR records.

All systems are registering with WINS which is allowing me to ping
%computername% and get a response. However, I would like to have DNS hold A
records for the systems (as I assume that this is actually the preferred
configuration).

Am I doing something wrong, or is my understanding of how DDNS should work
faulty?

---
Richard Perry
Systems Administrator/Programmer
Shadow Mountain Ministries
San Diego Christian College
Southern California Seminary
Christian Unified Schools of San Diego

05-23-2006, 02:49 AM

It isn't quite as simple as that. This is essentially a security issue.
If the clients are AD members they will probably be regarded as sufficiently
reliable to register their own information. I think that the default
settings only allow domain members to update their own records.

You can set things up so that DHCP can register both A and PTR records
for clients but it won't happen by default.

Richard Perry wrote:
> I am in the middle of a Novell to Windows migration. As part of this
> process, I installed AD on Win 2003, and configured DNS at that time.
> I just did a typical DNS configuration.
>
> Additionally, I set up DHCP and configured the scopes. For the most
> part, I left all the default settings. I also configured WINS at the
> same time.
>
> It is my understanding that as client (WinXP) start to take addresses
> from DHCP, the DNS name of that system should be registered in DNS.
> However, I am not finding these A records or PTR records listed at
> all.
>
> The only exception is when I actually join the system to the domain,
> then the system is registered with A and PTR records.
>
> All systems are registering with WINS which is allowing me to ping
> %computername% and get a response. However, I would like to have DNS
> hold A records for the systems (as I assume that this is actually the
> preferred configuration).
>
> Am I doing something wrong, or is my understanding of how DDNS should
> work faulty?
>
> ---
> Richard Perry
> Systems Administrator/Programmer
> Shadow Mountain Ministries
> San Diego Christian College
> Southern California Seminary
> Christian Unified Schools of San Diego

05-23-2006, 03:30 AM

I thought that might be the case. So then my next question is this. If
setting up the DHCP server to manage both A and PTR records is possible (and
likely the only to accomplish what I am looking for during this time), why
would I NOT want to enable this for now?
--
---
Richard Perry
Systems Administrator/Programmer
Shadow Mountain Ministries
San Diego Christian College
Southern California Seminary
Christian Unified Schools of San Diego

"Bill Grant" wrote:

> It isn't quite as simple as that. This is essentially a security issue.
> If the clients are AD members they will probably be regarded as sufficiently
> reliable to register their own information. I think that the default
> settings only allow domain members to update their own records.
>
> You can set things up so that DHCP can register both A and PTR records
> for clients but it won't happen by default.
>
> Richard Perry wrote:
> > I am in the middle of a Novell to Windows migration. As part of this
> > process, I installed AD on Win 2003, and configured DNS at that time.
> > I just did a typical DNS configuration.
> >
> > Additionally, I set up DHCP and configured the scopes. For the most
> > part, I left all the default settings. I also configured WINS at the
> > same time.
> >
> > It is my understanding that as client (WinXP) start to take addresses
> > from DHCP, the DNS name of that system should be registered in DNS.
> > However, I am not finding these A records or PTR records listed at
> > all.
> >
> > The only exception is when I actually join the system to the domain,
> > then the system is registered with A and PTR records.
> >
> > All systems are registering with WINS which is allowing me to ping
> > %computername% and get a response. However, I would like to have DNS
> > hold A records for the systems (as I assume that this is actually the
> > preferred configuration).
> >
> > Am I doing something wrong, or is my understanding of how DDNS should
> > work faulty?
> >
> > ---
> > Richard Perry
> > Systems Administrator/Programmer
> > Shadow Mountain Ministries
> > San Diego Christian College
> > Southern California Seminary
> > Christian Unified Schools of San Diego
>
>
>

05-23-2006, 06:05 AM

You set the behavior of the DHCP server in the DNS tab of the scope
properties. If the clients are not members of the domain you can run into
problems with ownership of the DNS records. You need to make the DHCP server
a member of the DnsUpdateProxy group in AD to ensure that the DHCP server
itself does not become the owner of the DNS record it has registered on
behalf of a client.

Richard Perry wrote:
> I thought that might be the case. So then my next question is this. If
> setting up the DHCP server to manage both A and PTR records is
> possible (and likely the only to accomplish what I am looking for
> during this time), why would I NOT want to enable this for now?
>
>> It isn't quite as simple as that. This is essentially a security
>> issue. If the clients are AD members they will probably be regarded
>> as sufficiently reliable to register their own information. I think
>> that the default settings only allow domain members to update their
>> own records.
>>
>> You can set things up so that DHCP can register both A and PTR
>> records for clients but it won't happen by default.
>>
>> Richard Perry wrote:
>>> I am in the middle of a Novell to Windows migration. As part of this
>>> process, I installed AD on Win 2003, and configured DNS at that
>>> time. I just did a typical DNS configuration.
>>>
>>> Additionally, I set up DHCP and configured the scopes. For the most
>>> part, I left all the default settings. I also configured WINS at the
>>> same time.
>>>
>>> It is my understanding that as client (WinXP) start to take
>>> addresses from DHCP, the DNS name of that system should be
>>> registered in DNS. However, I am not finding these A records or PTR
>>> records listed at all.
>>>
>>> The only exception is when I actually join the system to the domain,
>>> then the system is registered with A and PTR records.
>>>
>>> All systems are registering with WINS which is allowing me to ping
>>> %computername% and get a response. However, I would like to have DNS
>>> hold A records for the systems (as I assume that this is actually
>>> the preferred configuration).
>>>
>>> Am I doing something wrong, or is my understanding of how DDNS
>>> should work faulty?
>>>
>>> ---
>>> Richard Perry
>>> Systems Administrator/Programmer
>>> Shadow Mountain Ministries
>>> San Diego Christian College
>>> Southern California Seminary
>>> Christian Unified Schools of San Diego

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Setting the bind and dhcp for use as dns/ddns	alike	Linux Networking	4	01-02-2012 12:10 PM
Webmin, DHCP+DNS (DDNS)	Dungeon Dave	Linux Networking	2	04-27-2009 10:06 AM
DDNS Update Over-writes DHCP Registered address?	Cliff	Windows Networking	0	09-22-2008 10:08 AM
ISC dhcp & bind9 ddns problem	Cousin Scuzzy	Linux Networking	0	03-06-2006 11:02 PM
dhcp ddns not working for fixed-address?	Thomas Jachmann	Linux Networking	0	08-22-2003 03:43 PM