DHCP updated Domain Controller DNS record

Here is the scenario:

Someone brought a laptop in the office (customer), plugs in and gets a DHCP address. It just so happens that the DHCP client (laptop) has the same name as the Domain Controller. DHCP updates the DNS records for the server with the "new" DHCP address.

I know someone this happened to. How do I prevent this from happening on my network?
aspdev1234 Asked:

mikeleebrla Commented:
Did the DC have a static or DHCP address? I think having a static address on the DC would have prevented this since the static DNS address couldn't be replaced.
0
aspdev1234 (Author) Commented:
The DC has a static address.  If there is a way to specify in DNS that an address is static, then I don't know of it.  I don't think it is possible to specify that in DNS.

The issue as I see it is this:  How do you prevent a machine with an identical name as your server from getting a DHCP address?
0
mikeleebrla Commented:
aspdev1234, I never said that a DNS address could be specified as static in DNS. It sounds like your DNS and DHCP are integrated since you say "DHCP updates the DNS records".

DNS records can be updated in one of two ways when you have DNS and DHCP integrated:

1. The DHCP client tells the DNS server "hey this is my new address". This is probably what happened in your case. It is very insecure since there is no way to trust the client is telling the truth.

2. The DHCP server tells the DNS server about the updates (this is the default for Windows 2000/2003).

Neither of these methods prevents the situation you explained, however... You say later:

"The issue as I see it is this: How do you prevent a machine with an identical name as your server from getting a DHCP address?"

The answer is you cannot. Think about it, DHCP knows nothing about DNS names. DHCP is how a client gets an IP address... The client requests an IP, the DHCP server gives it an IP. If dynamic updates are turned on on the DHCP server, the DHCP server then tells the DNS server that it registered a new client. The DNS server simply overwrites the "correct" DNS record with the one of the laptop. It seems as though there should be a better way, but the only way I see to resolve this situation is to either turn off DHCP, or to disallow dynamic updates between DNS and DHCP.
0
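A way to notice the collision described in this thread, as an added example that is not part of any post above: a Python check that reads DHCP server audit log lines and flags any lease or DNS update issued under a protected server name to an address other than the server's static one. The host names, addresses, the `PROTECTED` table and the sample log lines are constructed, and the column layout and event IDs are assumed to follow the Windows DHCP Server audit log.

```python
import csv
import io

# Assumption: protected server short names and their static addresses.
PROTECTED = {"dc01": "10.0.0.10"}

# Assumption: event IDs as listed in the Windows DHCP Server audit log legend.
EVENTS = {"10": "new lease", "11": "lease renewed",
          "30": "DNS update requested", "32": "DNS update successful"}

# Constructed sample lines; columns are
# ID,Date,Time,Description,IP Address,Host Name,MAC Address
SAMPLE_LOG = """\
10,03/14/24,09:02:11,Assign,10.0.1.57,FRONTDESK-PC.corp.example,001122334455
10,03/14/24,09:15:40,Assign,10.0.1.83,DC01.corp.example,0A1B2C3D4E5F
32,03/14/24,09:15:41,DNS Update Successful,10.0.1.83,DC01.corp.example,
11,03/14/24,09:30:02,Renew,10.0.1.57,FRONTDESK-PC.corp.example,001122334455
10,03/14/24,10:01:00,Assign,10.0.1.90,dc01,0A1B2C3D4E5F
"""

def short_name(host):
    """Lower-cased first DNS label, so 'DC01.corp.example' matches 'dc01'."""
    return host.strip().lower().split(".", 1)[0]

def find_name_collisions(log_text, protected=PROTECTED):
    """Return one finding per event where a protected name holds a foreign IP."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        # Skip blank lines, the legend and the column header.
        if len(row) < 6 or row[0].strip() not in EVENTS:
            continue
        event_id, date, time, _desc, ip, host = (f.strip() for f in row[:6])
        expected = protected.get(short_name(host))
        if expected is None or ip == expected:
            continue
        findings.append({
            "when": f"{date} {time}", "event": EVENTS[event_id],
            "name": short_name(host), "ip": ip, "expected": expected,
            "mac": row[6].strip() if len(row) > 6 else "",
            # A successful DNS update means the server's record was rewritten.
            "severity": "critical" if event_id == "32" else "warning",
        })
    return findings

if __name__ == "__main__":
    for f in find_name_collisions(SAMPLE_LOG):
        print(f"[{f['severity']}] {f['when']} {f['event']}: {f['name']} -> "
              f"{f['ip']} (expected {f['expected']}, MAC {f['mac'] or 'n/a'})")
```

A "warning" finding means a client is using the server's name; a "critical" finding means the DNS record itself was updated and should be compared against the static address straight away.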


Question has a verified solution.
