Bes last contact time not updating
I also read that a service account should be configured to carry out the zone updates - which I have now done. The Dns Update Proxy group should contain the computer accounts of your DHCP servers, so DC1 and DC2 in your case.In DNS console, find an outdated record, go to the Security tab and take a look at the owner of the record.In most cases, the client should own it's own record.So the DNS client service on the PC's should be updating the record when they receive a new IP.At the same time, I'm combing through AD and rationalizing group memberships.
Discard A and PTR records when lease is deleted Dynamically update for DHCP clients that do not request updates As far as my understanding goes (which is clearly not far enough), DHCP should update DNS as soon as it itself updates.Our DHCP was set to lease addresses for 1 day, for reasons which were never explained to me.I set this back to 7 days, in an attempt to give DNS a chance to 'catch up' before the addresses potentially changed again, but we're still getting incorrect DNS entries. Our settings are now an amalgam of what went before (which didn't work) and what I've gleaned from MS documentation.I'm wondering if I remove all records which don't have the service account present, will these then be regenerated correctly, and updated properly going forward? You can try deleting some of the outdated records, and then either let DHCP refresh the records or do an ipconfig /registerdns from the client. You still should be looking at why scavenging is not running in your environment.
All records with a timestamp of today (specifically the two machines we just rebuilt) don't have the service account in the permissions - they do have their own computer account, and the owner is SYSTEM.In the Advanced TCP/IP settings of each clients network adapter, is "Register this connection's addresses in DNS" checked? I've picked two records that are out of date - the owner is SYSTEM.