Enabling Registration of DNS Reverse (PTR) record for Azure IaaS VMs


I was asked to setup an infrastructure in Azure IaaS for a legacy application that requires IPv4 reverse DNS lookup (Limited to the IaaS environment).  So, I setup VMs in Azure, promoted a VM as an Active Directory Domain Controller (Single forest/domain), installed DNS and configured a Reverse DNS zone.  For those who have tried, they probably noticed that none of the computers did dynamically register the reverse lookup (PTR) records in DNS.  So what need to be done for each Azure VMs to register their PTR record dynamically? 

Quite simple, the DNS Dynamic Registration setting under Network Adapter properties / Internet Protocol Version 4 properties / Advanced / DNS must have the "Use this connection's DNS suffix in DNS registration" check.  BUT WAIT!  manual configuration of NIC properties in Azure are not persistent, so it must be automated.

The solution provided below is a suggested solution to automate the process using a PowerShell startup script in Active Directory Group Policy (GPO)

UPDATE 4/22/2015:  PowerShell v3.0 is required for the script to complete work on Win2008R2.  I also attached a VBScript version for those who would rather use VBScript then update all the Win2008R2 systems to PowerShell V3.

Pre-Requisites:

  1. First, a reverse lookup zone must exist.  To create a IPv4 DNS Reverse lookup zone consult: http://technet.microsoft.com/en-us/library/cc816676(v=ws.10).aspx

Create a GPO:

  1. Create a new Group Policy using GPEdit.msc and browse to:  Computer configuration / Policies / Windows Settings / Scripts (Startup/Shutdown) 
  2. In the Details pane, double-click on Startup
  3. In the Startup properties window, click on the PowerShell Scripts tab
  4. Then click on Show Files button, and paste the attached NICConfigPS.ps1 PowerShell script.
  5. In the Startup properties window, click on Add, then Browse and select the file NICConfigPS.ps1, then OK to Close
  6. Click OK to complete the Startup script

Apply the GPO:

  1. Once the GPO is created, it needs to be applied.  I would suggest to apply at an Active Directory Site level which defines the virtual network(s) hosted in Azure

Validation:

  1. *** IMPORTANT ***  A reboot is necessary for the changes to take effect once the GPO is applied.
  2. In DNS Manager, under the reverse DNS Zone, you should see a PTR record for your computer fully qualified domain name (FQDN).
  3. Also, from a command prompt: PING -a <IP Address of your server>.  Now, it should return the FQDN of your server

.

NICconfig.zip

Comments (0)

Skip to main content