Static / Fixed DNS A record

Hi All,

Is there a way to create a fixed DNS A record? We're using an A record for our corporate portal. But it seems like there are devices that overwrites the A record.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It could be that the IP address is available as part of a DHCP scope. If the DHCP server does not have conflict detection turned on, it will just assign the address. The host taking this address will then update DNS with its details. This may also be causing you problems with hosts with conflicting IP addresses.

The simplest solution to this is to find the DHCP server allocating the address and add the address as an exclusion and/or turn on conflict detection.

tanskieAuthor Commented:
Thanks Draxonic. Yes the client's ip trying to overwrite the dns a record is on a dhcp scope. However, I think the solution that you mentioned is only temporary. If it gets another IP, it will automatically replace the A record.
What I'm looking for is how to lock the A record's IP.
Just add a DHCP reservation for that IP address and your server's network card MAC address. That way even if your server is not using DHCP, DHCP won't hand that IP address to any other machines
Cloud as a Security Delivery Platform for MSSPs

Every Managed Security Service Provider (MSSP) needs a platform to deliver effective and efficient security-as-a-service to their customers. Scale, elasticity and profitability are a few of the many features that a Cloud platform offers. View our on-demand webinar to learn more!

If the host that is taking the IP address gets a different IP, it will create a DNS entry with the different IP, allowing the corporate portal to keep its own record for that IP address.

You can either add it as an exclusion or add a reservation as MegaNuk3 suggests above. Either one should work. You can then add your A record for your corporate portal and you should be good.

If you have aging and scavenging turned on, you will also want to ensure the record does not expire.
tanskieAuthor Commented:
@MegaNuk3: the ip address intended for the portal server is not on any dhcp scope because it's a server and we don't have dhcp scopes for our servers.  Also, the rogue device is on a different subnet. I can't reserve an IP of that device because it keeps transferring to another location which is on a different subnet. right now, we asked our network guys to block the mac address of the device. but what if it will transfer to another location, we can't just block or reserve him a different ip everytime it transfers. another challenge is that we cannot remotely manage the device because all of its ports are filtered and it's not found on the domain computers, so it's probably  not joined to the domain.

@Draxonic: somehow, the rogue device with the same name as with our portal did not create a different record on the DNS. It keeps replacing the ip of the portal's A record. I also searched on the domain for the hostname but it did not return any result. Is it possible that a device not joined to the domain can be registered on the DNS?
Can you do an ipconfig /all on your server and ensure it is not showing as having another IP address associated with it which keeps overwriting your DNS?

Have you tried
Net view \\<ip address>

Nbtstat -A <Ip address>

To see if they show any useful
Information as to what the other machine is
tanskieAuthor Commented:
@MegaNu3: those commands won't work because the device is unreachable. however, when i ran nmap -P0 the result shows that the device is up. I then tried nmap -P0 -O to check the OS, but it wasnt able to detect the OS because there were too many fingerprints detected.

We got the machine's MAC from the DHCP server. We then asked our network guys to block it from the network and we traced the device. We found the device and renamed it.

My problem is how do we prevent this from happening again? Is there a way to lock a DNS record?
"      07-05-2006
In 2003 when you create a new host record there is a check box to "Allow any
authenticated user to update DNS records with the same owner name." Don't
check that and only manual updates work. Even the host can't change it, so
beware if you change the ip address the record won't be changed for you.
There is a group (I believe it is the DNSUpdateProxy group) that if you
belong to you can change the records.

Which is from here:

More info:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
tanskieAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.