• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 270
  • Last Modified:

DHCP updated Domain Controller DNS record

Here is the scenario:

Someone brought a laptop in the office (customer), plugs in and gets a DCHP address.  It just so happens that the DCHP client (laptop) has the same name as the Domain Controller.  DHCP updates the DNS records for the server with the "new" DHCP address.

I know someone this happened too.  How do I prevent this from happening on my network?
0
aspdev1234
Asked:
aspdev1234
  • 2
1 Solution
 
mikeleebrlaCommented:
Did the DC have a static or DHCP address? I think having a Static address on the DC would have prevented this since the static DNS address couldn't be replaced.
0
 
aspdev1234Author Commented:
The DC has a static address.  If there is a way to specify in DNS that an address is static, then I don't know of it.  I don't think it is possible to specify that in DNS.

The issue as I see it is this:  How do you prevent a machine with an identical name as your server from getting a DHCP address?
0
 
mikeleebrlaCommented:
aspdev1234,, I never said that a DNS address could be specified as static in DNS. It sounds like  your DNS and DHCP are integrated since you say  "DHCP updates the DNS records".

DNS records can be updated in one of two ways when you have DNS and DHCP integrated:

1.the DHCP client tells the DNS server "hey this is my new address",  this is probably what happened in your case. it is very insecure since there is no way to trust the client is telling the truth.

2.  The DHCP server tells the DNS server about the updates (this is the default for windows 2000/2003)

Neither of these methods prevent the situation you explained however... you say later.

The issue as I see it is this:  How do you prevent a machine with an identical name as your server from getting a DHCP address? The answer is you cannot,, think about it,,DHCP knows nothing about DNS names. DHCP is how a client gets an IP address.... The client requests an IP, the DHCP serve gives it an IP.  If dynamic updates are turned on on the DHCP server, the DHCP server then tells the DNS server that it registered a new client.  The DNS server simply overwrites the "correct" DNS record with the one of the laptop.  It seems as though there should be a better way, but the only way i see to resolve this situation is to either turn off dhcp, or to dis-allow dynamic updates between dns and dhcp.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now