Hi Footech, that was the one I was forgetting, the GP to stop Windows (basically secure) updates from happening. Then enable secure only on the DNS and no clients can do dynamic updates.
Enable DHCP to do all updates, effectively doing what I want.
In the following example, I use Set-DnsServer to migrate configuration data from server01 to server02:

    Get-DnsServer -CimSession 'server01' | Set-DnsServer -ComputerName 'server02'

Of course, we use the native PowerShell *-Service cmdlets to operate on the server directly.
For instance, to restart the local DNS server we can run:

    Restart-Service -Name DNS -Force

Although you can configure a DNS server to do nothing but fulfill name resolution requests and cache the results, the primary work of a Windows DNS server is to host one or more lookup zones.
There's a lot of factors that come into play, so it can be quite difficult to explain.
I would recommend reading https://technet.microsoft.com/en-us/library/dd197470(v=ws.10). In particular, under "DNS Processes and Interactions", there is a section on dynamic update and a number of sections afterward that are applicable.
How can I ensure that only the DHCP server updates DNS and not any client, Windows or otherwise?
"Because some clients do not update their records and some do..." So all your clients get their IP info from the Windows DHCP server?
If a zone is configured to allow both nonsecure and secure, usually a nonsecure update is done.
So basically any client that gets DHCP is dynamically updated (via DHCP server); static devices are manually updated
(these are often web and infrastructure servers and DNS needs to be manually configured anyway). Other static devices (instrument PCs and other devices that require applications that need static IP) we use DHCP reservations for, so they get updated via DHCP server too. It's about 6 years since I really was playing with Microsoft DNS and DHCP, and I could not remember if when you set dynamic updates to "none" the DHCP servers could still update (it seems not), but I knew before I had it so no clients updated directly.
This launches the New Zone Wizard, which will ask us to specify the following information:

- Zone type. Options are primary, secondary, stub, and Active Directory-integrated.

By default, your new zone will have two DNS records:

- Start of Authority (SOA): This record identifies which server is authoritative for the zone
- Name Server (NS): This record identifies the servers that host records for this zone

Right-click the new zone and you'll see various resource record creation options directly in the shortcut menu; these include:

- Host (A): This is your "bread and butter" record that identifies a single host
- Alias (CNAME): This record allows you to map more than one hostname to a single IP address
- Mail Exchanger (MX): This record identifies your company's e-mail server(s) that are attached to the current DNS domain

We'll finish today's tutorial by using PowerShell to define a new A record for a host named 'client1' and verify its existence.