Solved

Our DNS record in the forward lookup zone gets modified

Posted on 2009-05-16
2
338 Views
Last Modified: 2013-11-25
we have a critical server with a static ip adress and a manula entry created for the server in the dns. we noticed that last week when users were trying to react the server they were being redirected to another server. we identified that a new device which was used for some conferencing was using the same name. it got an ip from the dhcp and probably registered it on dns overrighting the existing record. to avoid this problem we requested them to change the name of the device as it was creating this conflict. the name was changed and its record created in DNS with a different name. in spite of doin this we still see the original record is is getting renamed and its ip changing . what could be causing this and what is the way we can prebent this. maybe we could change the security permissions on this host record that it is not modified. our dhcp uses a service account to update the DNS. is it correct to remove permissions for the service account on this perticular host record.
0
Comment
Question by:mgmohiuddin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 250 total points
ID: 24406334
Either remove the permissions for the service account for this special host entry, or stop allowing the DHCP server to register IP addresses completely. Domain members will be able to register themselves in DNS anyway, and there's usually not much use for non-domain members to have their names registered in DNS.
Or change the name of the critical server to something less generic; if there seem to be two devices in your network with the same name as your critical server, you should maybe look into setting up a proper naming scheme for your hosts.
0
 
LVL 7

Expert Comment

by:MariusSunchaser
ID: 24411838
Hi there.
This is what I do in my networks:
1. Use IP rules for network devices like this:
- IP's from 1 to 10 for servers;
- IP's from  11 to 30 for networking actives (switches, AP's, FW's, etc);
- IP 254 for the default GW (main router);
- Limit the DHCP pool from 31 to 250.
2. Set all these devices with manual IP and DHCP reservations.

This way, I never had problems with IP conflicts. For your situation, I suggest to set the IPs manually for special devices in your network (like that VTC equipment), and make reservation in DHCP in a different range than computers.
0

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wondered why you had to use DHCP options (dhcp opt 60, 66 or 67) in order to use PXE? Well, you don't!
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question