To successfully update, the AD computer account needs to have Modify rights to its own dns Node AD object.
This can get complicated so if you suspect this is the case, we advise checking out this blog post entitled How to Fix Dynamic DNS Record Permissions Automagically. Temporarily enable DNS debug logging on your DNS server Enabling debug logging on your DNS server allows the server to begin generating a debug log of all dynamic update activity. We have a Power Shell script to ease the pain by displaying the content in a more user-friendly format.
Feel free to refer to this blog post for more information on the script and how to use it.
We hope this primer to troubleshooting dynamic DNS updates was able to point you in the right direction to the problem -- and a solution.
From there, the client continues communicating with the primary DNS server that accepted the A record update.
Please see For a static client, the client will communicate directly with the authoritative DNS server to update its PTR record.
This then causes duplicate names on the network and all hell breaks loose. I have found some notes about similar issues and made the suggested changes, but the problem has not gone away.
Some customers have reported issues with Microsoft Dynamic Updates after installing virtual appliances (VAs) in their environment or installing the Umbrella Roaming Client on some machines.
You bring the new computer online and it obtains a DHCP lease for the same IP address. However, when you try to resolve the name of the new computer, the old computer's name still comes up. Here's how we'll start the troubleshooting process: 1.
Check the DNS client service of the new computer The DNS client service is the service that does the actual update.
When a problem occurs start from the client and work your way back.
If the client isn't sending the update, it's not getting to the server so server troubleshooting will be useless.