We help IT Professionals succeed at work.

Group Policy to set DNS Client settings for VPN users??

Medium Priority
Last Modified: 2010-03-18
When users connect to our Windows VPN they receive an IP from the RAS server (Windows Server 2003).  As such, DHCP is not in effect so the settings to Register the connection with DNS and to use specific DNS servers are not available.  There are Administrative Templates for the generic DNS Client connection settings, but I'm not sure how to apply this to RAS clients only or if I can "publish" a VPN connection/icon with these settings pre-configured.

Currently some of our apps are not functioning because they require lookups that now fail.  Does anyone know how to deal with this via Group Policy or another means?
Watch Question

You can pass DHCP scope options from your normal DHCP server to RAS clients

How to Use DHCP to Provide Routing and Remote Access Clients with Additional DHCP Options


This currently takes place - the RAS server is set as a DHCP Relay Agent.  The issue is not what the clients are receiving, but what they are not sending: they don't register their records in DNS at connection, so anything doing a lookup (not VPN client to host, but from some internal host back to the client) fails.
It should register.  In the properties for the VPN connection on the client, goto the TCP/IP properties and click the advanced button.  Then go to the DNS tab.  Is "register this connection in DNS" checked?  It should be.  You may also need to check the box below it: "use this connections suffix..." or something like that.  Experiment with and without this last one.


Agreed - that is the fix, but that's a manual fix.  The question is whether or not there's an alternative method to address this issue with the 65% of our company that is remote.  The manual fix will literally require about 300 individuals to make these changes to the TCP/IP properties of the VPN Connection - I'd like to find a way to address this globally if possible.
So you said originally that those settings(Register this connection...) were not available because you were not using DHCP, but now you say that you ARE relaying DHCP optins to the RAS clients and that that 'Register this connection' IS the solution but its not good enough because its turned off on too many clients?

Dynamic DNS (DDNS) is actually a function of DHCP and takes place before any group policy is processed, so therefore I don't believe you can accomplish setting this option through a GPO, but I do believe that 'IPCONFIG /registerdns' would work and can be inserted into the startup script for the computers in question.  Possibly the login script, but It's probably better off in the startup script if possible.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.