Solved

Disable automatic DNS registration in a DNS server

Posted on 2007-03-19
6
1,636 Views
Last Modified: 2010-11-16
I have three racks of servers (the majority of them are Win2003 SE) that I configured over the weekend to have a second NIC dedicated to performing backups, and ONLY backups.  Two NIC's are in each server, the "primary" one has an address of 192.168.1.x and the NIC used for backing up is at 172.29.183.x  (I match the last octeton each NIC to avoid confusion).

The 172.29.183.x NICs are physically wired into a separate switch that is NOT routed internally, users can NOT see this network and CDP (Cisco Discovery Protocol) cannot find it.  So far, so good, this is what I need to happen.

On the backup link interface setup, in the Advanced tab, in the DNS tab there is a check box that says, "Register this connection's addresses in DNS".  I DON'T want this interface's IP registered in DNS, becasue it then hoses up DNS entries for authentication to the 192.168.1.x subnet.  This DNS non-registration works properly on each and every server BUT (and here it comes!) the two DNS servers I have!  Yep, that's right, the DNS servers rudely register their "backup" NIC IP's in the DNS registry irregardless of whether that do-not-register box is checked.  Those are the most important IP's that I *don't* want registered, yet I can't get rid of 'em.

Here's what I tried, to no avail:
1) Un-check the "Register this connection's addresses in DNS" box for BOTH NIC's
2) Applied the DWORD DisableDynamicUpdate per the KB article: http://support.microsoft.com/kb/246804 - note that this affects BOTH NIC's per the article.

Here's the interim solution, which of course is NOT acceptable:
1) Disable the interface (NOT unplug, just disable).

To recap:  DNS non-replication of a specific NIC works fine on a non-DNS server.  On a DNS server, it won't shut up unless the interface is disabled.

0
Comment
Question by:Linette_Laiminger
6 Comments
 
LVL 3

Expert Comment

by:fpthree
ID: 18749797
Is WINS enabled on this box?
If so, try to disable WINS. Maybe there's a connection between your DNS and WINS database.
If, WINS exists.
0
 
LVL 6

Expert Comment

by:Mark Pavlak
ID: 18750019
Have you unchecked regsiter DNS then delete the A record and the asicatoed pointer?
0
 

Author Comment

by:Linette_Laiminger
ID: 18750401
Oh yes - multiple times.  I can now officially do it in my sleep.

We found the solution.  Go to the KB 246804 article and look under the area "DNS Server Service" - it's about halfway down the article.  You have to create the REG_SZ subkey PublishAddresses (in the proper place), and then stop/start the DNS service to apply.  I've been watching the DNS now for 30 minutes and it hasn't regenerated the 172.29.183.x addresses (for either server), so apparently MicroSoft was aware of the problem.

Problem solved.  Thanks!  Add it to your Knowledgebase.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 6

Expert Comment

by:Porka
ID: 18787946
ive seen this before and this doesnt always work but you could give it a try. In the DNS console, open the properties of the affected server and under the advanced tab, untick enable round robin. It has worked for me in the past when i have had NIC's autoregistering themselves when they shouldnt be. Hope this helps
0
 
LVL 70

Expert Comment

by:KCTS
ID: 19720695
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup Zone:
PAQ - Refund

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

KCTS: Experts Exchange Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 19750139
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Know what services you can and cannot, should and should not combine on your server.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now