Not long ago a NIC was added to a VMs accidentally. The NIC automatically received and IP address from DHCP and then updated the DNS record for the server with this DHCP received address.
The NIC was removed, but the DNS update was not known until users were no longer able to reach the server via its DNS name. The DNS records were then manually changed to the correct IP, but an hour later they were automatically updated again to the same DHCP address as earlier from somewhere, and this time the NIC that had received the address was removed from the VM.
I was then unable to find the source of the DNS record update. This happened a couple of times more every hour as I searched. In the end I decideed to find the I the DHCP lease on the DHCP server and delete it, I also set up auditing/monitoring for changes of the DNS records in the zone. I checked the registry of the server which had the DNS record for any remnants of the NIC, and tried to list all network connections with various commands just to check for sure. I found nothing that shouldn't be there(ofcourse). After this all was done, the dynamic updates of the DNS record stopped. I then found this article:
Dynamic updates can be sent for any of the following reasons or events:
* An IP address is added, removed, or modified in the TCP/IP properties configuration for any one of the installed network connections.
* An IP address lease changes or renews with the DHCP server any one of the installed network connections. For example, when the computer is started or if the ipconfig /renew command is used.
* The ipconfig /registerdns command is used to manually force a refresh of the client name registration in DNS.
* At startup time, when the computer is turned on.
* A member server is promoted to a domain controller.
When one of the previous events triggers a dynamic update, the DNS Client service (not the DHCP Client service) sends updates.
I have always thought that it was the DNS client that made the Dynamic DNS update, but then this time the client didn't have the NIC and thus not the IP that was being dynamically updated. Does the text in bold mean that the DHCP lease affects dynamic DNS updates, and that I needed to delete the lease from the DHCP server before the client stopped updating with the DHCP leased address? I would guess not.