[Samba] Dynamic DNS updates from Windows 10 workstations

Thu Apr 8 07:26:04 UTC 2021

Few key point on getting this to work. 

Make sure all forward (primaryDNSdomains.tld) are set correctly, 
that the reverse zones exists, but im sure you have this set.. 
This is used in registration in the dns to get the correct zones. 

Dynamic IP's or Static IP's with Win10 all should be registered by default
If you see older IP's which are not updated at all, look at that owner
Of the DNS records, add the computer account to it and see if the computer
can fix it at its own, or not, remove it and reboot the computer, should be added again, if not, whats windows eventlogs showing.

also, try setting : dns zone scavenging = yes in smb.conf 
Default its No. 

That should cleanup old records

Greetz, 

Louis

> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Peter Milesson
> via samba
> Verzonden: woensdag 7 april 2021 21:34
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Dynamic DNS updates from Windows 10 workstations
> 
> 
> 
> On 2021-04-07 20:27, Rowland penny via samba wrote:
> > On 07/04/2021 19:12, Peter Milesson via samba wrote:
> >>
> >>
> >> On 2021-04-07 19:23, Rowland penny via samba wrote:
> >>> On 07/04/2021 17:41, Peter Milesson via samba wrote:
> >>>> Hi folks,
> >>>>
> >>>> I just finished setting up a secondary AD DC using Louis' packages
> >>>> (thanks a lot Louis) on Debian Buster. No real problems or serious
> >>>> headaches there, DNS, DNS replication, Sysvol replication all
> >>>> working. Both DCs use the Samba internal DNS server.
> >>>>
> >>>> I noticed that there are many extremely old and stale DNS A records
> >>>> for Windows 10 workstations getting their IP addresses from a
> >>>> dnsmasq DHCP server (just using the DHCP part, not DNS). On all
> >>>> workstations, registration of the IPv4 address with DNS is enabled.
> >>>> It's absolutely plain that no DNS records are updated. How can I
> >>>> get the dynamic update in the DNS servers working?
> >>>>
> >>>> Best regards,
> >>>>
> >>>> Peter
> >>>>
> >>>>
> >>>
> >>> Windows clients are supposed to be able to update their own dns
> >>> records, so I would suggest looking at them, there is nothing built
> >>> into Samba to update dns records.
> >>>
> >>> Rowland
> >>>
> >>>
> >>>
> >> Hi Rowland,
> >>
> >> Maybe I've got things wrong, but what entity is responsible for
> >> updating the A records in the Samba DNS servers,
> >
> >
> > It is either the Windows clients themselves, or the DHCP server. The
> > DHCP server must be capable of updating the dns records directly (I
> > don't know any DHCP server capable) or it must be capable of running a
> > script when the dns data is committed (I only know of one capable of
> > this, the isc-dhcp-server).
> >
> >> and when? Just an example, I have got a Windows 10 workstation with
> >> the following data in the AD DNS entry:
> >>
> >> Name: p2012022901
> >> Type: Host (A)
> >> Data: 172.16.10.184
> >> Timestamp: 4/7/2019 11:00:00 AM
> >
> >
> > That doesn't look like it has changed since 2019
> >
> >>
> >> The workstation is used every day, restarted frequently, having the
> >> latest Windows updates, but the IP address for the A record is wrong,
> >> currently it is 172.16.10.185 (from the DHCP server). Shouldn't the
> >> Windows 10 workstation register itself with the AD DNS with the given
> >> IP address? The tick box is checked for the IPv4 settings.
> >
> >
> > Is there anything else getting in the way, Firewall ? GPO ?
> >
> >>
> >> If my questions seem stupid or based on lack of knowledge, please
> >> correct me, so I can learn from this and get things right.
> >>
> >
> > Not stupid, might be lack of knowledge, but if it is, I am as guilty
> > as you are, I don't use many Windows machines, and the ones I do use,
> > all have fixed IP's.
> >
> > Rowland
> >
> >
> Hi Rowland,
> 
> Thanks for your advice. The timestamp is really from 2019 almost exactly
> 2 years old. There are just a few very basic GPOs applied. The other
> workstations use the same GPOs. Some of the workstations update the data
> correctly, and a few not. The dnsmasq DHCP server which I use, is not
> able to handle any DNS updates, so that task is up to the Windows
> workstations.
> 
> I will try to unjoin the offending workstations from the domain and join
> them again. If that does not help, I can always try to make clean
> installations of Windows. The offending workstations are mostly older
> (except one), originally upgraded from Windows 7, previously used in a
> Samba NT4 domain. I don't know if it's a long shot, but may really be
> the underlying cause.
> 
> Thanks for your input.
> 
> Best regards,
> 
> Peter
> 
> 
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba