You can inspect your AD machines using usual admin tools to see if your Linux machines are listed. I wrote a long time ago elsewhere that a healthy AD requires a "troika" of integrated DNS, DHCP and Domain Controller(s). If any one of them isn't working properly, then stuff like DHCP leases aren't passed on and into your DNS automatically, and won't necessarily show up in your DCs with accurate information (the order of what I described is not necessarily accurate, all three will accept various types of info and pass to the other two).If any one of them isn't working properly, then stuff like DHCP leases aren't passed on and into your DNS automatically, and won't necessarily show up in your DCs with accurate information (the order of what I described is not necessarily accurate, all three will accept various types of info and pass to the other two). And, shared information between the members of "the troika" aren't immediate, you will likely have to wait a period of time for updates to happen.* **Verify in the Umbrella Dashboard**—Within 90 seconds of changing DNS on an endpoint, you should start seeing traffic containing the Internal IP address in the Reports section of the Umbrella dashboard.[block:image] [/block] Umbrella recommends testing for between 2 and 5 days with several computers, preferably from different areas of your organization, before switching all production traffic to the VAs.In order to begin enforcing your settings, DNS traffic from the endpoints on your network must exclusively use the VAs as DNS forwarder.###Testing VAs Before configuring endpoints to utilize the VAs for DNS traffic, ensure that the VAs are capable of resolving public and local DNS queries.When a computer is plugged into our wired network for the first time, it always shows an IP conflict until we assign one manually.I don't know if that's related to DNS problem or not, but I figured the more info the better, right?
Client computers are set up with static IP addresses, and with the Preferred DNS server set to x.x.x.254, which is the IP address of our modem.
We will start with understanding RBAC (Role-Based Access Control) vs Local Administrative Groups IPAM has two methods for delegated administration.
On one hand we have the Local Administrative Groups that are on the IPAM server itself.
When these settings are intact, everything works beautifully.
However, upon restart, the client computers' Preferred DNS Server keeps resetting to x.x.x.5. When that happens, internet connectivity becomes spotty or nonexistent.