Dns not updating from dhcp


25-Aug-2017 23:48

You must carefully weigh the convenience of this facility for users against the security risk created when you enable dynamic DNS updates.

The DHCP issues the ip address with the SLP info and updates the DNS/DDNS info.

Q: Does setting DNS dynamic update credentials on DHCP achieve the same result as adding a DHCP server to the Dns Update Proxy group?

Combined with Active Directory (AD) it makes managing thousands of DNS records for clients and servers a breeze.

It's hard to imagine having to manually add and remove DNS records as fast as machines are constantly getting replaced in most IT organization these days.

This is because DHCP doesn’t own the record, the client does, even though DHCP registered it. If you have Windows 2008 R2, in addition to configuring the DNS tab to force registration, you still must configure credentials and add the server to the Dns Update Proxy group.

The way to get around this is you can configure DHCP’s Option 081 to update the record for all client, no matter if the client asks or not. If DHCP is on a Windows 2008 R2 DC, to protect the DC when using the Dns Update Proxy group, you must secure the group by running: dnscmd /config /Open Acl On Proxy Updates 0 Using “DHCP Name Protection.” will register A and PTR record on behalf of a client, and will prevent a workstation (non-Windows) Name Squatting, meaning using a name that another machine (non-Windows or Windows) client that DHCP already registered , from registering it’s name. Even simpler is to use fixed IP addresses for the virtual machines.