I have a 2008R2 domain. I had DNS scavenging working fine, but it was for both non-secure and secure. I disabled DNS scavenging, changed over to "secure only" for DNS updates, and checked some of the records to make sure they were updating. The ones with DHCP were. I re-enabled DNS scavenging with a longer refresh interval to be safe. I have noticed that a lot of records from windows servers, with timestamps older than the no-refresh of 7 days, are not updating even though they have checkboxes to do so. I checked permissions and they do have write permissions on their records, and even if I run a "ipconfig /registerdns", they still do not update the timestamps on their records. When I re-enabled scavenging, I am guessing it somehow re-computes the timestamps so that even my old records might still be falling in the no-refresh interval?
Thanks,
Dave