Here's how you can troubleshoot and identify potential problems with DDNS. It's hard to imagine having to manually add and remove DNS records as fast as machines are constantly getting replaced in most IT organization these days. When DDNS is working properly it's wonderful, but when it fails it can sometimes turn into a major pain to troubleshoot. If you're not familiar with how DDNS and AD work together, you may not realize just how many moving parts there are with this product check out Understanding Dynamic Update from Technet to learn more.
When one link in the chain fails, records may stop getting updated or may even get removed altogether inadvertently! Help Desk calls incoming! DDNS can sometimes go on a walkabout and it's important to know where to start troubleshooting if this happens. Let's demonstrate a typical troubleshooting scenario that you may come across with DDNS.
However, when you try to resolve the name of the new computer, the old computer's name still comes up. DDNS hasn't done it's job in updating the record. Here's how we'll start the troubleshooting process: If this service is stopped for some reason no update will proceed. If it's started, ensure there's no events in the computer's System event log that indicate a problem. This must be checked for the DDNS process to proceed.
There are a few other settings that must be correct on each client as well. Here's a PowerShell script that lets you easily test for multiple different problem scenarios. Ensure dynamic updates are enabled on the DNS zone This is less likely to be the problem because all clients would not be working is the dynamic updates setting on the DNS zone.
If set to None, dynamic updates will not work. If set to Secure, you may begin to see more instances like the ones we'll be talking about in 4 below. Check permissions on the dnsNode AD object This problem in particular was extremely hard for us to track down on one occasion. This log can sometimes be hard to read.
We have a PowerShell script to ease the pain by displaying the content in a more user-friendly format. Feel free to refer to this blog post for more information on the script and how to use it.
We hope this primer to troubleshooting dynamic DNS updates was able to point you in the right direction to the problem -- and a solution. When a problem occurs start from the client and work your way back. If the client isn't sending the update, it's not getting to the server so server troubleshooting will be useless. Likewise, if the server is receiving the update but the record is still not getting updated then it might be a dnsNode object permission problem. Just remember to follow the workflow.
If you need help, this Technet article is a great resource we'd recommend for understanding the entire workflow from client to server.