Re: Domain authentication problem


"Ace Fekay [MVP]" wrote:

In news:0D97EF2A-EA35-47C4-8D3C-4BB6186C1DD6@xxxxxxxxxxxxx,
Newell White <NewellWhite@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Comments in-line

In news:C26B0389-F699-4993-AC21-D051820B31D2@xxxxxxxxxxxxx,
Newell White <NewellWhite@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
OK I guess that restarting DHCP service restored the default
configuration of Dynamic DNS, hence updates now enabled. My brain
not at full speed 8a.m. (UK time) on Monday morning!

So I will monitor memory usage of tcpsvcs.exe to see if MS have
fixed this bug, or to free up the memory as recommended in
kb/939928 when required.

Ok, so you followed the article's instructions to retrieve and
install the hotfix? If so, there's no need to disable DHCP's
ability to automatically perform updates for clients. Curious, what
symptoms did you observed to believe you needed this hotfix? So far
I've handled a large client base and have not ever had a problem or
seen this issue. Maybe you can elborate so I can understand.

No, as an ex-software author and supplier I am not a fan of hot fixes
from either side of the counter.
I followed the work-around.

Problem appeared a few months after I introduced about 16
reservations into our scope.
So that these could be duplicated on both DHCP servers I allocated IP
addresses in an excluded interval.
3-4 weeks after server re-start (updates from MS) I got some warnings
in server event viewer that it was having to increase the size of
pagefile.sys. Investigation showed tcpsvcs.exe was using 290Mbyte RAM
(1G installed) and 3x as much virtual memory. A deeper look showed
same thing had happened the month before, cured by server restart.

Also, you mentioned this earlier:

/begin quote:
Somethimes when I ping some machine, the IP isnt returned. So I
cant reach those machines.
<snip>
9. Forwarder(s) configured?

Ace


I am not OP, I joined thread when you said to OP it was important
that DHCP server does Dynanic DNS updates - I was not aware then that
restarting DHCP server (apparently) restores this as default after I
turned it off.
I was interested in why that is important when most LANs now only have
modern Windows versions where clients can register their own IP
address with DNS.

Oops, sorry. I thought you were the OP under a different name. It happens
alot. Some will post under one account or thru the web, then later again and
use a different name or account.

As for the hotfixes, they are a necessary evil to fix things that are broke,
such as in your case. Matter of fact, the hotfixes get rolled up in future
service packs. Microsoft recognized a problem with a service and provided a
fix. I would rather install the hotfix as well as have DHCP register my
clients, IMHO, so I would have chosen the hotfix for these two reasons.

The DNS Update capabilities of a DHCP server is actually DHCP Option 081,
which MIcrosoft supports this part of the DHCP RFC. Routers do not.

If DHCP registers the client, DHCP owns the record and will change the
record for the client. The default setting is to register if the client
requests.

Here's a good read on it. Also pay attention to the part about the
DNSUpdateProxy group.

317590 - HOW TO Configure DNS Dynamic Update in Windows 2000 [DNS reg-dereg
and DNSUpdateProxy Group]:
http://support.microsoft.com/default.aspx?scid=kb;en-us;317590&Product=win2000#51

Ace


Thanks Ace.
It is a good read, like a whodunit.
In fact I still don't know whodunit.
Our clients (WinXP Pro SP2) are configured to Register IP address with DNS,
our DHCP servers are configured to register records with DNS for clients
which request this service.

But I can't work out whether the clients are contacting the DNS server
directly, or the DHCP server to request it to do so on their behalf.

I'd better read it again :-)
BTW tcpsvcs.exe memory is now well-behaved, growing at 20kbyte/day.

As for merit of hotfixes, sometimes even pukka updates that have been
compatibility -tested to death can apparently cause PDCs to stop distributing
time to NT5DS configured domain members - if we are to believe what I have
just read in this news group.

Thanks for info.

Regards,
Newell White




.

Relevant Pages

  • Re: Multiple PTR records wont go away in the reverse zone.
    ... What about the DHCP setting "Dynamically update DNS A and PTR records only ... if requested", so clients will specify. ... I do agree with all your DHCP server recommendations (especially entering ... there is no other reason for a client to register in DNS when off ...
    (microsoft.public.windows.server.dns)
  • Re: Microsoft DHCP server not updating non-Microsoft DNS
    ... There are no firewalls between the DHCP Server and DNS Servers. ... The InfoBlox Zone is setup to allow DDNS Updates from the DHCP server only. ...
    (microsoft.public.windows.server.dns)
  • Re: Multiple PTR records wont go away in the reverse zone.
    ... When scavenging was implemented a few months ago, ... to the DHCP server to clear DNS A and PTR records, ... What we're afraid of is having server DNS entries deleted again. ... if requested", so clients will specify. ...
    (microsoft.public.windows.server.dns)
  • RE: DHCP Server does not update DNS
    ... take a look at the "Register PTR Records" section in the following KB article ... New Group Policies for DNS in Windows Server 2003 WGID:358 ... >the DHCP server by registering RR of its clients. ...
    (microsoft.public.windows.server.networking)
  • Re: DHCP, DNS, DDNS Question
    ... You set the behavior of the DHCP server in the DNS tab of the scope ... If the clients are not members of the domain you can run into ...
    (microsoft.public.windows.server.networking)