Question About Updates

Discussion in 'DNS Server' started by dave m, Jul 3, 2008.

  1. dave m

    dave m Guest

    I have not found a clear explanation of factors affecting Secure Dynamic
    Updates, specifically regarding a potential user account for updating DNS
    and the relationship to DHCP.

    I have a network of Windows 2003, SP2 servers. DNS is AD Integrated. There
    are 4 locations with Domain Controllers/servers..

    Location 1: 2 Domain Controllers, both with DNS, one DC is also the DHCP
    server for the location.

    Location2: 1 DC with DNS and DHCP.

    Locations 3 and 4: 1 DC each with DNS. Sites are small and static IP
    addressing is used.

    All DNS servers are Primary, pointing only to themseleves, forwards are the
    ISP's DNS servers.

    Currently Dynamic Updates are "Secure and Non-secure". I want to change to
    "Secure Only" but the uncertainty about an user account and how it relates
    to DNS and DHCP has held me back. I can find no clear explanation of this
    anywhere. DNS works fine, its the Secure ONly issue that needs addressing.


    dave Admin
    dave m, Jul 3, 2008
    1. Advertisements

  2. Let me try to explain:

    If you use secure updates only in DNS, computer account has to be verified
    in AD before attempting an update to a DNS database. Now, if a DHCP is
    configured to update DNS records for all clients, and if a client that is
    not member of your domain gains ip address from DHCP, DHCP will write his
    record in a DNS since DHCP is presumably a domain member.
    Marin Frankovic, Jul 6, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.