Microsoft dhcp not updating dns records
If there is a problem with PTRs getting updated even after configuring credentials, please see this article: DHCP server processes expired PTR resource records in Windows Server 2003 . The use of Name Protection in the Windows Server® 2008 R2 operating system prevents name squatting by non-Windows-based computers.Name squatting does not present a problem on a homogeneous Windows network where Active Directory® Domain Services (AD DS) can be used to reserve a name for a single user or computer.” DHCP Step-by-Step Guide: Demonstrate DHCP Name Protection“Name squatting occurs when a non-Windows-based computer registers in Domain Name System (DNS) with a name that is already registered to a computer running a Windows® operating system.Also by default, the creator owns the new object and is given full control of it.Secure Dynamic Update Updating DNS Resource Recordshttps://technet.microsoft.com/en-us/library/ff631099(v=ws.10)How to configure DNS dynamic updates in Windows Server 2003. Using DNS servers with DHCP (Contains information on the Dns Update Proxy group and its usage) (WS.10)=============================================================== The credentials only need to be a plain-Jane, non-administrator, user account. Make sure ALL other non-DHCP servers are NOT in the Dns Update Proxy group.For example, some folks believe that the DNS servers or other DCs not be running DHCP should be in it. Make sure that NO user accounts are in that group, either.
Also, if all servers, including DCs, are automatically updating their own record, then there is no fear of losing their records, because for one, their records (timestamps) are current, therefore scavenging won’t touch them, and two, Windows Servers by default will update their records every 24 hours, with the exception of domain controllers at every 60 minutes.
If there are missing entries, you likely have your DHCP missing one of two settings: This is required if you have DHCP installed on a Domain Controller.
It is an issue on Server 2000, 2003, 2008, 2008R2, Server 2012, Server 2012 R2 and will likely be an issue in the newer builds.
By default, the ACL gives Create permission to all members of the Authenticated User group, the group of all authenticated computers and users in an Active Directory forest.
This means that any authenticated user or computer can create a new object in the zone.