December 8, 2018 at 10:23 pm #610353
Wondering if clients registering their DNS record in an Active Directory environment is necessary for it to function?
DNS records are basically for clients to find resources in an Active Directory environment, so having A records for the local printer server or domain controller makes sense. But what are the purposes of a client registering their own A record? Aside from maybe allowing an administrator to remote into the machine by domain name instead of IP address. Thanks!
Ossian (Moderator) December 9, 2018 at 3:37 am #610384
If you look deeply into AD, there is a lot of mutual authentication taking place, and servers expect the clients to be registered; also, the clients expect (and keep trying) to register.
(in other words, “If it ain’t broke, don’t try to fix it”)
December 9, 2018 at 8:37 am #610396
What kind of mutual authentication is taking place between the servers and the clients? Could you explain or point me to some documentation that goes through this process? Does the server actually query the client’s DNS record? Haha, for sure, if it ain’t broke, don’t fix it. I am kind of trying to get this deeper understanding of AD.
Blood (Moderator) December 10, 2018 at 8:42 am #610512
Microsoft’s site contains extensive documentation on this. That would be your best starting point.
December 11, 2018 at 4:44 am #610595
Don’t mean to be a burden here, but I’m not sure exactly what I should be looking for. I can find topics on the types of service records that a client needs to find resources in an AD environment, but nothing on why it’s completely necessary for a client to register its DNS record... As long as the client is able to query and find the DC and other services like Kerberos, etc., it’s not essential that a client have its own DNS record registered to function, is it?
Blood (Moderator) December 11, 2018 at 5:43 am #610599
One example: If you installed WSUS, which is a server role, and configured it to provide updates to your clients, WSUS will need to connect to those clients. As you know, any communication on a local network using A records progresses as A Record > IP Address > MAC Address in order to connect to the destination machine. Without the A Records the clients would not be able to register with WSUS nor be able to receive updates.
A records map the name to the IP Address. Our clients connect to our data servers, remote access server, etc., servers by name. A server is used in its ordinary sense in that a server serves data and can, therefore, reside on a server OS or a client OS. Without those A records the connection attempt would fail unless staff knew the IP Address of the required resource.
wullieb1 (Moderator) December 11, 2018 at 6:04 am #610603
Some light bedtime reading
as well as
DNS is pretty critical to the operation of AD, and in all the years that I’ve worked in IT I’ve never NOT registered clients in DNS, typically done through DHCP.
I can’t actually find anything at the moment that stipulates you MUST register your system in DNS. I don’t actually see any reason why you wouldn’t, but it’s pretty late here and I have an early start. I’ll try and find something when I get into the office tomorrow.