Hi
Have a question im having problems finding an answer to.
Have a AD integrated dns zone, dynamic updates: secure only. Have 4 dns server 2 x win2012r2 and 2 x win2003r2
Also have 3 DHCP server and a bunch of different networks in my setup.
Now to the question; is it possible to prevent windows clients to register and handle there own dns A record? In the DHCP I have configured it so that the DHCP server handles the dns and not the clients. But my problem is that some windows clients are located on a network without a DHCP, and even when I create the Static DNS A record as administrator, I can see in the logs that the clients can delete there own record.
Is there any way to prevent the DNS to accept updates from all except my DHCP servers? If client is not handled by DHCP, then i do all the changes/updates to that client A record. Dont want anything to be able to change it for me.
In BIND i can say that just allow updates from hostX and hostY, everything else just disregard.
Hope im clear enough, hope someone have a tip for me.