Forum Discussion

Troy Davis's avatar
Troy Davis
Copper Contributor
Aug 14, 2019

Migrated DCs to 2019 getting numerous 20319 Events

Just migrated DCs over to 2019 and I'm seeing a large number of Event 20319 Name Registration with the user NETWORK SERVICE. "Forward record registration for IPv4 address [[x.x.x.x]] and FQDN CompNa...
Networking
Windows Server
  • Troy Davis's avatar
    Troy Davis
    Sep 04, 2019

    Actually think I just figured it out.  Seems I forgot to update the DnsUpdateProxy Security Group with the new DCs.

    One thing I also noticed was that the computers that kept showing up in the 20319 events all had their computer account instead of the DHCP Update account having permissions on its DNS entry. Deleted the computer and added DHCP Update with the same rights as all the other computers that did have DHCP Update...released/renewed and all seems to be well. 

    So, I'm going to mark the solution as the following:  make sure all is set up according to https://blogs.msmvps.com/acefekay/2016/08/13/dynamic-dns-updates-how-to-get-it-to-work-with-dhcp-sca...

    This is where I noticed that I forgot to update the DnsUpdateProxy SG with the new DCs.  Then, on the problematic computer's DNS entry, I had to manually delete the computer account permissions and add the DHCP Update credential permissions.  When I released/renewed, I no longer had the 20319 events.

Troy Davis's avatar
Troy Davis
Copper Contributor

Dave Patrick 

Please see the above screenshot showing the reverse zone exists as well as the tag that is referenced in the one event is listed in the reverse zone...

Dave Patrick's avatar
Dave Patrick
MVP
Aug 14, 2019

I see that but we cannot tell from what you posted that it is correct for the network and mask so might try recreating the zone.

 

 

  • Troy Davis's avatar
    Troy Davis
    Copper Contributor
    Aug 14, 2019

    Dave Patrick 

    Thanks for the reply btw...what more information would you need to determine if it is the correct reverse zone?

      • Troy Davis's avatar
        Troy Davis
        Copper Contributor
        Aug 14, 2019

        Dave Patrick 

        I guess I don't understand what you are trying to say.  I was asking what you wanted me to show you or tell you to determine if it was correct?  Sorry if I'm being dense today.

        Everything migrated over from the old 2012R2 DC w/out issue.  Same reverse zone and everything that was on the old PDC/SDC.  Is there some sort of permissions that NETWORK SERVICE should have to update DNS or is that all handled by the DHCP User credentials that is set up.  Because as you can see from the screenshot, the reverse record is being updated (the migration took place on 08/10/2019).  So I'm at a loss as to why they are being updated, yet I'm getting those events.

        Reverse Lookup Zones container have the following:

        0.in-addr.arpa

        127.in-addr.arpa

        255.in-addr.arpa

        xx.xx.xx.in-addr.arpa

Resources