tanskie

Static / Fixed DNS A record

Hi All,

Is there a way to create a fixed DNS A record? We're using an A record for our corporate portal. But it seems like there are devices that overwrite the A record.

Draxonic

It could be that the IP address is available as part of a DHCP scope. If the DHCP server does not have conflict detection turned on, it will just assign the address. The host taking this address will then update DNS with its details. This may also be causing you problems with hosts with conflicting IP addresses.

The simplest solution to this is to find the DHCP server allocating the address and add the address as an exclusion and/or turn on conflict detection.

tanskie

ASKER

Thanks Draxonic. Yes, the client's IP trying to overwrite the DNS A record is on a DHCP scope. However, I think the solution that you mentioned is only temporary. If it gets another IP, it will automatically replace the A record.
What I'm looking for is how to lock the A record's IP.

Just add a DHCP reservation for that IP address and your server's network card MAC address. That way even if your server is not using DHCP, DHCP won't hand that IP address to any other machines.

If the host that is taking the IP address gets a different IP, it will create a DNS entry with the different IP, allowing the corporate portal to keep its own record for that IP address.

You can either add it as an exclusion or add a reservation as MegaNuk3 suggests above. Either one should work. You can then add your A record for your corporate portal and you should be good.

If you have aging and scavenging turned on, you will also want to ensure the record does not expire.

tanskie

ASKER

@MegaNuk3: The IP address intended for the portal server is not on any DHCP scope because it's a server and we don't have DHCP scopes for our servers. Also, the rogue device is on a different subnet. I can't reserve an IP for that device because it keeps transferring to another location which is on a different subnet. Right now, we asked our network guys to block the MAC address of the device. But what if it transfers to another location? We can't just block or reserve him a different IP every time it transfers. Another challenge is that we cannot remotely manage the device because all of its ports are filtered and it's not found in the domain computers, so it's probably not joined to the domain.

@Draxonic: Somehow, the rogue device with the same name as our portal did not create a different record on the DNS. It keeps replacing the IP of the portal's A record. I also searched the domain for the hostname but it did not return any result. Is it possible that a device not joined to the domain can be registered on the DNS?

Can you do an ipconfig /all on your server and ensure it is not showing as having another IP address associated with it which keeps overwriting your DNS?

Have you tried

net view \\<ip address>

or

nbtstat -A <ip address>

to see if they show any useful information as to what the other machine is?

tanskie

ASKER

@MegaNuk3: Those commands won't work because the device is unreachable. However, when I ran nmap -P0 the result shows that the device is up. I then tried nmap -P0 -O to check the OS, but it wasn't able to detect the OS because there were too many fingerprints detected.

We got the machine's MAC from the DHCP server. We then asked our network guys to block it from the network and we traced the device. We found the device and renamed it.

My problem is how do we prevent this from happening again? Is there a way to lock a DNS record?
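
The checks discussed in this thread (is the A record still pointing at the portal, is it a static record that scavenging will leave alone, and which DHCP client is registering the portal's name), as an added example that is not part of any poster's reply. It assumes Windows DNS and DHCP servers with the DnsServer and DhcpServer modules available; every server name, zone, record name and address below is a placeholder.

```powershell
# Added example: audit the portal's A record and find DHCP clients that
# register the same host name. All names and addresses are placeholders.
Import-Module DnsServer, DhcpServer

$DnsServer  = 'dns01.corp.example'    # assumed DNS server
$DhcpServer = 'dhcp01.corp.example'   # assumed DHCP server
$Zone       = 'corp.example'          # assumed zone name
$PortalName = 'portal'                # assumed A record name
$ExpectedIp = '192.0.2.10'            # assumed portal address

# 1. Does the A record still point at the portal, and is it static?
#    A static record shows an empty Timestamp; a dynamically registered
#    one carries a timestamp and is subject to aging and scavenging.
$records = Get-DnsServerResourceRecord -ComputerName $DnsServer `
    -ZoneName $Zone -Name $PortalName -RRType A -ErrorAction Stop
foreach ($r in $records) {
    $ip = $r.RecordData.IPv4Address.ToString()
    [pscustomobject]@{
        Name      = $r.HostName
        Address   = $ip
        Expected  = ($ip -eq $ExpectedIp)
        Static    = ($null -eq $r.Timestamp)
        Timestamp = $r.Timestamp
    }
}

# 2. Which leases, in any scope on this DHCP server, carry the portal's
#    host name? ClientId is the MAC address needed to trace the device.
$leases = foreach ($scope in Get-DhcpServerv4Scope -ComputerName $DhcpServer) {
    Get-DhcpServerv4Lease -ComputerName $DhcpServer -ScopeId $scope.ScopeId |
        Where-Object {
            $_.HostName -and ($_.HostName -split '\.')[0] -eq $PortalName
        }
}
$leases | Select-Object ScopeId, IPAddress, ClientId, HostName,
    AddressState, LeaseExpiryTime

# 3. Is DHCP conflict detection enabled? 0 means it is turned off.
(Get-DhcpServerSetting -ComputerName $DhcpServer).ConflictDetectionAttempts
```

Run on a schedule, an `Expected` value of False or any row from step 2 is the signal to investigate before users notice the portal resolving to the wrong host.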

ASKER CERTIFIED SOLUTION
MegaNuk3

This solution is only available to members.

tanskie

ASKER

thanks