Monday, April 18, 2016

Reverse DNS Entries Are Not Being Added Automatically – Event ID:1056

Reverse DNS Entries Are Not Being Added Automatically – Event ID:1056
If you are working with, well almost anything network intensive these days, like Antivirus or management tools, your Reverse DNS (rDNS) lookups need to be in good shape.  If you find that you can not resolve IP’s back to a name on your network check your DNS REVERSE LOOKUP ZONE.  If there are missing entries, you likely have your DHCP missing one of two settings:

SET DHCP TO AUTOMATICALLY CREATE DNS ENTRIES

  1. Launch DHCP
  2. Right click on your SCOPE and select PROPERTIES
  3. Click the DNS tab
  4. Make sure that the following settings are on
    1. ENABLE DNS DYNAMIC UPDATES
      1. ALWAYS DYNAMICALLY UPDATE DNS A AND PTR RECORDS
    2. DISCARD A AND PTR RECORDS WHEN LEASE IS DELETED
    3. DYNAMICALLY IPDATE DNSA a AND PTR RECORDS FOR DHCP CLEINTS THAT DO NOT REQUEST UPDATES

SET CREDENTIALS TO ALLOW DHCP SET TO DYNAMICALLY UPDATED DNS ENTRIES

  1. Using Active Directory Users and Computers create a standard domain user and set the password to DOES NOT EXPIRE.
  2. Launch DHCP
  3. Right click on IPv4 and select PROPERTIES
  4. Select the ADVANCED tab
  5. Click the CREDENTIALS button
  6. Enter the user information you created in step one
This is required if you have DHCP installed on a Domain Controller.  It is an issue on Server 2000, 2003, 2008, 2008R2, Server 2012, Server 2012 R2 and will likely be an issue in the newer builds.  If you check your servers event viewer you will see EVENT ID 1056:
The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service.   This is not a recommended security configuration.  Credentials for Dynamic DNS registrations may be configured using the command line “netsh dhcp server set dnscredentials” or via the DHCP Administrative tool.
If you want more information you may find the following useful:
http://technet.microsoft.com/en-us/library/c0e87732-985c-4c9c-83b4-70c679cad748.aspx
http://support.microsoft.com/kb/282001
http://jackstromberg.com/tag/dhcp/

http://social.technet.microsoft.com/Forums/windowsserver/en-US/d97cf295-1345-4be7-bfcd-6d59436d93b2/ttl-times-on-a-records-dns-records-disappearing?forum=winserverNIS