Article ID: 932464
This article describes how Domain Name System (DNS) dynamic updates work together with the DNS "aging and scavenging" process in Microsoft Windows 2000 and in Microsoft Windows Server 2003.
DNS "aging and scavenging" intervals

Windows Server 2003 uses the following DNS "aging and scavenging" settings.
Note By default, the Dynamic Host Configuration Protocol (DHCP) lease time is set to eight days.
When a DNS record is created by a new client, the NoRefresh interval is in effect. When the client dynamically updates its DNS information in this situation, the client's DNS time stamp is not updated until the Refresh interval takes effect. This behavior prevents the replication of lots of DNS objects in the Active Directory directory service.
During the Refresh interval, the client's DNS time stamp is updated. During the Scavenging interval, old DNS resource records are automatically deleted.
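The interval logic described above can be modelled as a small simulation. This is an added example, not code from the original article; the 7-day interval values, the hourly time base and the two host names are assumptions for illustration, and only refreshes of unchanged data are modelled.

```python
from dataclasses import dataclass

# Assumed interval values in hours (7 days each); substitute the zone's own settings.
NO_REFRESH_H = 7 * 24
REFRESH_H = 7 * 24
SCAVENGE_PERIOD_H = 7 * 24


@dataclass
class Record:
    name: str
    timestamp_h: int          # hour at which the time stamp was last written
    writes: int = 1           # time stamp writes, each of which replicates in AD


def refresh(rec: Record, now_h: int) -> bool:
    """Client re-registers unchanged data; return True if the time stamp is written."""
    if now_h < rec.timestamp_h + NO_REFRESH_H:
        return False          # NoRefresh interval: update accepted, nothing written
    rec.timestamp_h = now_h   # Refresh interval (or later): time stamp is updated
    rec.writes += 1
    return True


def is_stale(rec: Record, now_h: int) -> bool:
    """A record is eligible for scavenging once both intervals have elapsed."""
    return now_h > rec.timestamp_h + NO_REFRESH_H + REFRESH_H


def scavenge(zone: dict, now_h: int) -> list:
    """One scavenging pass: delete and return the names of stale records."""
    removed = sorted(n for n, r in zone.items() if is_stale(r, now_h))
    for name in removed:
        del zone[name]
    return removed


def simulate(days: int = 28) -> dict:
    """Constructed scenario: 'laptop' refreshes daily, 'retired' goes silent on day 0."""
    zone = {n: Record(n, 0) for n in ("laptop", "retired")}
    removed_on = {}
    for hour in range(24, days * 24 + 1, 24):
        if "laptop" in zone:
            refresh(zone["laptop"], hour)
        if hour % SCAVENGE_PERIOD_H == 0:
            for name in scavenge(zone, hour):
                removed_on[name] = hour // 24
    return {"writes": zone["laptop"].writes, "removed_on": removed_on}
```

In this model the silent host becomes eligible for scavenging after day 14 but is removed only by the pass on day 21, so a stale name can stay resolvable for up to one scavenging period beyond the two intervals.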
Security and DNS records

When a DNS client or a DHCP server performs a dynamic update, the Computer_Name$ account is added to the permissions for the DNS record. Therefore, only the computer that registered the DNS record can update the DNS record. In some scenarios, when a change is made on the DHCP server, the DHCP server may not update a DNS record when the client registers a DNS record. This behavior occurs if the Computer_Name$ account already exists for the DNS record.
How the client dynamically registers the DNS records

When the DNS client is configured to use a static IP address, the DNS client registers both host (A) resource records and pointer (PTR) resource records on the DNS server. Then, the DNS client adds the Client_Computer_Name$ account together with Full Control permissions for the DNS record.
To change this behavior, disable the Register this connection's address in DNS setting on the DNS client computer. To do this, follow these steps:
Assume that Microsoft Windows 2000-based DNS clients or later versions of DNS clients are configured to use the following DHCP settings:
The DHCP lease-expiration process

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows
DHCP checks for expired leases by using the following registry subkey:
By default, when the DHCP Server service is running on Windows Server 2003-based computers, the DatabaseCleanupInterval value is set to 60 (1 hour). When the DHCP Server service is running on a Windows 2000-based computer, the DatabaseCleanupInterval value is set to 1440 (1 day). When the DHCP lease is released, the DHCP server unregisters the DNS record.
You can configure the client's DHCP lease to expire automatically when the client computer is shut down for Windows 2000-based DNS clients or for later versions of DNS clients. To do this, follow these steps:
How to configure the queue limit on a DHCP server

The DHCP server uses the queue limit to restrict the number of DNS records that the server tries to unregister at the same time. If there are lots of pointer (PTR) resource records to be scavenged, the DHCP server may reach the queue limit. If this behavior occurs, the DHCP server unregisters records until it reaches the configured queue limit.
You can change the DHCP queue limit on a Windows Server 2003-based computer by installing hotfix 837061 or by installing Windows Server 2003 Service Pack 1 (SP1). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
837061 (http://support.microsoft.com/kb/837061/) DHCP server processes expired PTR resource records in Windows Server 2003
After you install hotfix 837061 or Windows Server 2003 Service Pack 1 (SP1), you can increase the size of the queue that DHCP tries to unregister during each cycle. To do this, set the DynamicDNSQueueLength registry entry to 2048.
For more information about DNS in Windows 2000 and in Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
291382 (http://support.microsoft.com/kb/291382/) Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS
For more information about how to configure DNS dynamic updates in Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
816592 (http://support.microsoft.com/kb/816592/) How to configure DNS dynamic updates in Windows Server 2003
Article ID: 932464 - Last Review: December 3, 2007 - Revision: 1.7