Remove DNS records in Domain B from DHCP Server in Domain A

We are building virtual desktops for another organization that we have a two way domain level trust with. The desktops get their IP addresses from Domain A and then register their A records on DNS server in Domain B and join to the Domain B windows domain. This works very well.

However, when the desktop is destroyed (every time a log our or disconnection occurs) the DHCP server releases the IP address, based on a very short lease duration, builds a new desktop with the same name, then gets a new DHCP address with a different MAC address. However, the old machine name and IP address is never removed from Domain B's DNS servers so the new IP address is never registered and hense, the desktop cannot reach the domain resources it requires in Domain B.

If we manually delete the A records from the Domain B DNS server then the recreated machines will register themselves just fine. It's the re-registration that's killing me.

Is there any solution short of mucking with routing and trying to use the DHCP server in domain B? It would be nice if a script could be run at log out that would delete the A record. I've tried testing with the dnscmd /recorddelete command but cannot get it to successfully delete an A record even when it tells me it did.

Any script would have to be run with sufficient privileges to delete the record and it would have to know the IP address to make it happen.

Any ideas. I'm stumped.
Who is Participating?
bgoeringConnect With a Mentor Commented:
Have you considered dns scavanging for the dns server in domain B? Take a look at and see if that would help your situation.

To go along with the scavenging set a short intervel for aging the record, and configure the clients to refresh frequently so they don't accidently get deleted. See for how to manage the interval.

"By default, Windows XP and Windows Server 2003 reregister their A and PTR resource records every 24 hours regardless of the computer's role. To change this time, add the DefaultRegistrationRefreshInterval registry entry under the following registry subkey:
The interval is set in seconds. "

Another thing that might help is to configure scope option on dhcp, go to configure options, hit advanced tab, the microsoft options. Option 2 will release lease at shutdown and (possibly) unregister DNS when link expires.

Hope this helps
hccaAuthor Commented:
I tried or had already tried all the solutions outlilned by bgoering and I really appreciate his response. Since he was the only responder and brought some solutions, particularly the "microsoft options, option2" which seemed like it ought to work. Unfortunately it did not solve the problem.

We did find a solution and it was to enable both non secure and secure dns updates in domain B. As soon as this was enabled the symptoms of the problem went away. I am unsure if there is a way to make this happen with only secure updates. We even found this to be a problem within Domain A.

If somebody has a solution to this new twist than I'll split the points, otherwise Monday or Tuesday I'll mark this solved and pass the points to the only responder.
hccaAuthor Commented:
Enabling both secure and non-secure updates did the trick
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.