Windows DHCP and DDNS behavior


R

rzanni

I have a question concerning Windows DHCP and DDNS behavior in Windows
2003. The environment I'm working with has multiple vlans and
multiple scopes in DHCP and of course an AD domain. I want to control
the "suffix" that is registered for a DHCP client through dynamic DNS,
regardless of the primary and connection specific suffixes that are
set on the Windows client. The clients may or may not belong to the
AD domain.

For example, suppose I had the following TCP/IP setting on a DHCP
client system:
Computer Name: computer1
Primary suffix (& AD name): ad1.company.com
Connection specific suffix: marketing.company.com
Both the "Register this connection's addresses in DNS" and "Use this
connection's DNS suffix in DNS registration" are checked on the DNS
tab in the Advanced TCP/IP settings.

When DHCP dynamically registers the computer's name in DNS, I want it
to register an A and PTR record for "computer1.scope1.company.com" and
only for that name.

I've tried to adjust the scope options with DHCP to specify the domain
name (option 15). However, from what I understand, there are
different levels at which DHCP options are applied (server, scope,
class, and client) and that they are applied in that order. So, if I
specify option 15 to be "scope1.company.com" on the DHCP server and a
client connects that has option 15 set to "marketing.company.com", the
client's settings will override the DHCP server setting and it will be
registered with the "marketing" name.

I'd really like to avoid having to push our a group policy to control
the TCP/IP DNS settings on all clients, especially since this won't do
the non-domain member clients any good.

Am I missing something obvious here?
Thanks for your help...
 
Ad

Advertisements

K

Kevin D. Goodknecht Sr. [MVP]

Read inline please.

In
I have a question concerning Windows DHCP and DDNS behavior in Windows
2003. The environment I'm working with has multiple vlans and
multiple scopes in DHCP and of course an AD domain. I want to control
the "suffix" that is registered for a DHCP client through dynamic DNS,
regardless of the primary and connection specific suffixes that are
set on the Windows client. The clients may or may not belong to the
AD domain.

For example, suppose I had the following TCP/IP setting on a DHCP
client system:
Computer Name: computer1
Primary suffix (& AD name): ad1.company.com
Connection specific suffix: marketing.company.com
Both the "Register this connection's addresses in DNS" and "Use this
connection's DNS suffix in DNS registration" are checked on the DNS
tab in the Advanced TCP/IP settings.

When DHCP dynamically registers the computer's name in DNS, I want it
to register an A and PTR record for "computer1.scope1.company.com" and
only for that name.

I've tried to adjust the scope options with DHCP to specify the domain
name (option 15). However, from what I understand, there are
different levels at which DHCP options are applied (server, scope,
class, and client) and that they are applied in that order. So, if I
specify option 15 to be "scope1.company.com" on the DHCP server and a
client connects that has option 15 set to "marketing.company.com", the
client's settings will override the DHCP server setting and it will be
registered with the "marketing" name.

Clients will only get the connection Specific Suffix from DHCP if the
Connection specific suffix is not configured in the DNS Client settings.
DHCP can assign option 015 at one of three option levels, Server, Scope and
Reservation, each overriding the previous level, Reservation option
overrides Scope and Server setting, Scope option overrides server setting.
If the DNS Client is configured with a suffix, it will not obtain a suffix
from DHCP. The Primary DNS suffix is a System level setting, and can only be
configured in the System Control Panel, or by Group Policy, a group policy
can assign both Primary and Connection Specific suffixes. Only a Group
Policy can override client configured settings, which pretty much aligns to
your understanding.
I'd really like to avoid having to push our a group policy to control
the TCP/IP DNS settings on all clients, especially since this won't do
the non-domain member clients any good.

Am I missing something obvious here?
Thanks for your help...



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top