DHCP updated Domain Controller DNS record

Posted on 2004-11-18
Last Modified: 2010-04-10
Here is the scenario:

Someone brought a laptop in the office (customer), plugs in and gets a DCHP address.  It just so happens that the DCHP client (laptop) has the same name as the Domain Controller.  DHCP updates the DNS records for the server with the "new" DHCP address.

I know someone this happened too.  How do I prevent this from happening on my network?
Question by:aspdev1234
    LVL 25

    Expert Comment

    Did the DC have a static or DHCP address? I think having a Static address on the DC would have prevented this since the static DNS address couldn't be replaced.

    Author Comment

    The DC has a static address.  If there is a way to specify in DNS that an address is static, then I don't know of it.  I don't think it is possible to specify that in DNS.

    The issue as I see it is this:  How do you prevent a machine with an identical name as your server from getting a DHCP address?
    LVL 25

    Accepted Solution

    aspdev1234,, I never said that a DNS address could be specified as static in DNS. It sounds like  your DNS and DHCP are integrated since you say  "DHCP updates the DNS records".

    DNS records can be updated in one of two ways when you have DNS and DHCP integrated:

    1.the DHCP client tells the DNS server "hey this is my new address",  this is probably what happened in your case. it is very insecure since there is no way to trust the client is telling the truth.

    2.  The DHCP server tells the DNS server about the updates (this is the default for windows 2000/2003)

    Neither of these methods prevent the situation you explained however... you say later.

    The issue as I see it is this:  How do you prevent a machine with an identical name as your server from getting a DHCP address? The answer is you cannot,, think about it,,DHCP knows nothing about DNS names. DHCP is how a client gets an IP address.... The client requests an IP, the DHCP serve gives it an IP.  If dynamic updates are turned on on the DHCP server, the DHCP server then tells the DNS server that it registered a new client.  The DNS server simply overwrites the "correct" DNS record with the one of the laptop.  It seems as though there should be a better way, but the only way i see to resolve this situation is to either turn off dhcp, or to dis-allow dynamic updates between dns and dhcp.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    Suggested Solutions

    #Citrix #Citrix Netscaler #HTTP Compression #Load Balance
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now