If you want the primary to answer all dhcp requests unless it is down (for whatever reason) set the value to '255', use '0' to make the secondary responsible.When I joined the company, I noted that a lot of name lookups were failing or pointing at the wrong machines.
I also read that a service account should be configured to carry out the zone updates - which I have now done. Our domain's zone is configured as an AD-Integrated zone with replication to all DNS servers in the forest.
Dynamic updates are set to Secure Only, and Aging is 2 hours no-refresh, 6 hours refresh intervals.
The Dns Update Proxy group, despite its description, had a domain admin account and the BES Service Account as members.
I did a bit of reading and discovered that the group should have DNS computer accounts in, if the zones are configured to only be updated securely - which they were. I am forever getting incorrect / outdated lookups when connecting to machines.
I also noted a staggering amount of old, outdated DNS records.
Scavenging appeared to be configured, but not actually working.
This How To is based on a Debian OS install, the paths given may be different if you use another OS. /bin/bash # /usr/local/bin/# This script is for secure DDNS updates on Samba 4 # Version: 0.8.9 # Uncomment the next line if using a self compiled Samba and adjust for your PREFIX #PATH="/usr/local/samba/bin:/usr/local/samba/sbin:$PATH" BINDIR=$(samba -b | grep 'BINDIR' | grep -v 'SBINDIR' | awk '') WBINFO="$BINDIR/wbinfo" # DNS domain domain=$(hostname -d) if [ -z $ ]; then logger "Cannot obtain domain name, is DNS set up correctly? Exiting." exit 1 fi # Samba 4 realm REALM=$(echo $) # Additional nsupdate flags (-g already applied), e.g.
"-d" for debug NSUPDFLAGS="-d" # krbcc ticket cache export KRB5CCNAME="/tmp/dhcp-dyndns.cc" # Kerberos principal SETPRINCIPAL="[email protected]$" # Kerberos keytab # /etc/dhcpduser.keytab # krbcc ticket cache # /tmp/TESTUSER="$($WBINFO -u) | grep 'dhcpduser')" if [ -z "$" ]; then logger "No AD dhcp user exists, need to create it first..
After checking every possible reason of DHCP not taking care Dynamic DNS updates...
it turns out that there is a memory leak on the dhcp service when DDNS is enabled on that Server.
Any suggestions would be greatly appreciated, Thanks. Apr 29 Server64 nmbd: [2010/04/29 , 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(173) Apr 29 Server64 nmbd: Error - should be sent to WINS server Apr 29 Server64 nmbd: [2010/04/29 , 0] nmbd/nmbd_incomingrequests.c:process_name_refresh_request(172) Apr 29 Server64 nmbd: process_name_refresh_request: unicast name registration request received for name NATALIELAPTOP from IP .17 on subnet UNICAST_SUBNET.