Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remove DNS records in Domain B from DHCP Server in Domain A

Posted on 2010-08-25
3
Medium Priority
?
617 Views
Last Modified: 2012-08-14
We are building virtual desktops for another organization that we have a two way domain level trust with. The desktops get their IP addresses from Domain A and then register their A records on DNS server in Domain B and join to the Domain B windows domain. This works very well.

However, when the desktop is destroyed (every time a log our or disconnection occurs) the DHCP server releases the IP address, based on a very short lease duration, builds a new desktop with the same name, then gets a new DHCP address with a different MAC address. However, the old machine name and IP address is never removed from Domain B's DNS servers so the new IP address is never registered and hense, the desktop cannot reach the domain resources it requires in Domain B.

If we manually delete the A records from the Domain B DNS server then the recreated machines will register themselves just fine. It's the re-registration that's killing me.

Is there any solution short of mucking with routing and trying to use the DHCP server in domain B? It would be nice if a script could be run at log out that would delete the A record. I've tried testing with the dnscmd /recorddelete command but cannot get it to successfully delete an A record even when it tells me it did.

Any script would have to be run with sufficient privileges to delete the record and it would have to know the IP address to make it happen.

Any ideas. I'm stumped.
0
Comment
Question by:hcca
  • 2
3 Comments
 
LVL 28

Accepted Solution

by:
bgoering earned 1500 total points
ID: 33527078
Have you considered dns scavanging for the dns server in domain B? Take a look at http://technet.microsoft.com/en-us/library/cc776907(WS.10).aspx and see if that would help your situation.

To go along with the scavenging set a short intervel for aging the record, and configure the clients to refresh frequently so they don't accidently get deleted. See http://support.microsoft.com/kb/816592 for how to manage the interval.

"By default, Windows XP and Windows Server 2003 reregister their A and PTR resource records every 24 hours regardless of the computer's role. To change this time, add the DefaultRegistrationRefreshInterval registry entry under the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpIp\Parameters
The interval is set in seconds. "

Another thing that might help is to configure scope option on dhcp, go to configure options, hit advanced tab, the microsoft options. Option 2 will release lease at shutdown and (possibly) unregister DNS when link expires.

Hope this helps
0
 

Author Comment

by:hcca
ID: 33555429
I tried or had already tried all the solutions outlilned by bgoering and I really appreciate his response. Since he was the only responder and brought some solutions, particularly the "microsoft options, option2" which seemed like it ought to work. Unfortunately it did not solve the problem.

We did find a solution and it was to enable both non secure and secure dns updates in domain B. As soon as this was enabled the symptoms of the problem went away. I am unsure if there is a way to make this happen with only secure updates. We even found this to be a problem within Domain A.

If somebody has a solution to this new twist than I'll split the points, otherwise Monday or Tuesday I'll mark this solved and pass the points to the only responder.
0
 

Author Closing Comment

by:hcca
ID: 33578884
Enabling both secure and non-secure updates did the trick
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
Teach the user how to edit .vmx files to add advanced configuration options Open vSphere Web Client: Edit Settings for a VM: Choose VM Options -> Advanced: Add Configuration Parameters:
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question