Remove DNS records in Domain B from DHCP Server in Domain A

Posted on 2010-08-25
Last Modified: 2012-08-14
We are building virtual desktops for another organization that we have a two way domain level trust with. The desktops get their IP addresses from Domain A and then register their A records on DNS server in Domain B and join to the Domain B windows domain. This works very well.

However, when the desktop is destroyed (every time a log our or disconnection occurs) the DHCP server releases the IP address, based on a very short lease duration, builds a new desktop with the same name, then gets a new DHCP address with a different MAC address. However, the old machine name and IP address is never removed from Domain B's DNS servers so the new IP address is never registered and hense, the desktop cannot reach the domain resources it requires in Domain B.

If we manually delete the A records from the Domain B DNS server then the recreated machines will register themselves just fine. It's the re-registration that's killing me.

Is there any solution short of mucking with routing and trying to use the DHCP server in domain B? It would be nice if a script could be run at log out that would delete the A record. I've tried testing with the dnscmd /recorddelete command but cannot get it to successfully delete an A record even when it tells me it did.

Any script would have to be run with sufficient privileges to delete the record and it would have to know the IP address to make it happen.

Any ideas. I'm stumped.
Question by:hcca
  • 2
LVL 28

Accepted Solution

bgoering earned 500 total points
ID: 33527078
Have you considered dns scavanging for the dns server in domain B? Take a look at and see if that would help your situation.

To go along with the scavenging set a short intervel for aging the record, and configure the clients to refresh frequently so they don't accidently get deleted. See for how to manage the interval.

"By default, Windows XP and Windows Server 2003 reregister their A and PTR resource records every 24 hours regardless of the computer's role. To change this time, add the DefaultRegistrationRefreshInterval registry entry under the following registry subkey:
The interval is set in seconds. "

Another thing that might help is to configure scope option on dhcp, go to configure options, hit advanced tab, the microsoft options. Option 2 will release lease at shutdown and (possibly) unregister DNS when link expires.

Hope this helps

Author Comment

ID: 33555429
I tried or had already tried all the solutions outlilned by bgoering and I really appreciate his response. Since he was the only responder and brought some solutions, particularly the "microsoft options, option2" which seemed like it ought to work. Unfortunately it did not solve the problem.

We did find a solution and it was to enable both non secure and secure dns updates in domain B. As soon as this was enabled the symptoms of the problem went away. I am unsure if there is a way to make this happen with only secure updates. We even found this to be a problem within Domain A.

If somebody has a solution to this new twist than I'll split the points, otherwise Monday or Tuesday I'll mark this solved and pass the points to the only responder.

Author Closing Comment

ID: 33578884
Enabling both secure and non-secure updates did the trick

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question