I am setting up a new environment for Active Directory. I have two DCs with AD-integrated DNS installed on them. I have a DHCP fail-over cluster installed on Windows as well. These are all running fully patched Server 2008 R2. I have a mixed environment of Linux and Windows desktops and servers. I am running into an issue using DDNS with DHCP where I have some static entries in DNS (mainly the DC entries) that I want to have protected from a client workstation that would happen to be named the same as my DC and then DDNS-update the DNS record and wipe out the static entry, causing all kinds of problems. Is there a good way of stopping this in Windows? I have been playing with named protection, secure updates, and a few other things and have prevented it from updating the A record in the forward look-up zone, but it still updates the PTR record in the reverse zone. I know if I used Linux I could match the host name and deny them an IP from DHCP based on host name. Is there anything like this in Windows? I am having trouble finding anything. If you have a better solution, please feel free to share. Thanks for any help!