http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/03/26/39841.aspx
here's the KB I was referring to:
http://support.microsoft.com/?id=816592
On 9/14/06,
Ravi Dogra <[EMAIL PROTECTED]> wrote:
Al this in not a priority for us now. Earlier i was unaware of our VPN
Box settings thats why i was a bit confuse about why these machines
are registring there own records in my DNS.
Also i am not going to uncheck Register in DNS check box on Client
machine as this is not required as if now.
I have already set lease period as per our organizational requirement
so, again i will not do any change unless it is a must required thing
to do.
Al i would surely want to have a look on KB you refered to. If
possible, do me this favor.
Thanks for all your help!!!
Ravi Dogra
On 9/14/06, Al Mulnick <[EMAIL PROTECTED]> wrote:
> Personally, for a shop with more than 30 machines I wouldn't recommend this
> approach. DHCP half-life registrations would start to fly all over the
> place. That and the DHCP server is not registering for the remote users.
>
>
>
> On 9/13/06, Matt Hargraves < [EMAIL PROTECTED]> wrote:
> >
> > I'm not s huge DNS geek, so I'm not sure whether you can do this, but
> can't you just set the DHCP to have a short expiration (1 hour?) and it will
> unregister the 'old' entry for a machine? There would be a small amount of
> vulnerability, but it would go away after the client's reservation expires.
> >
> >
> >
> >
> > On 9/13/06, Ravi Dogra < [EMAIL PROTECTED]> wrote:
> > > No, Laptop Users are getting IP Addresses from my VPN Box and when
> > > they are on site its DHCP.
> > >
> > > On machines "Register in DNS" option Is checked, hence machines are
> > > attempting to register its own records in DNS. Although i have made my
> > > LAN DHCP to register only its Clients in DNS.
> > >
> > > Credentials used are abviously my Administrator Account.
> > >
> > > But Al,
> > >
> > > The Issue we had is laptop users are using LAN DHCP as well as using
> > > VPN Connection from home. Both are getting registered in My DNS with
> > > different IP. Which is obvious.
> > > But the thing is SOPHOS gave us this as one of the reasons for my
> > > laptop machines not showing in Sophos Enterprise Console because it
> > > uses DNS to build existing machines list.
> > >
> > > Now everything is working fine and this reason was totally not
> applicable.
> > >
> > > but still there are other machines which are only in our network using
> > > only my LAN DHCP and are not showing up in EC.
> > >
> > > Sophos Support team is working on this.
> > >
> > > Thanks and Regards
> > > Ravi Dogra
> > >
> > > On 9/13/06, Al Mulnick <[EMAIL PROTECTED]> wrote:
> > > > I swear this is the last question and then I'll make a suggestion. :)
> > > >
> > > > Is the DHCP server that the remote clients are getting their ip addr's
> from
> > > > the same as the one that you are using for lan connected clients? You
> are
> > > > obviously allowing the user's machine to update it's own records, but
> is
> > > > that consistent or is the DHCP server on the lan registering the
> records for
> > > > you possibly under a different set of credentials or in a different
> zone?
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On 9/11/06, Ravi Dogra < [EMAIL PROTECTED]> wrote:
> > > > > yes its correct.
> > > > >
> > > > > No we have mobile users..
> > > > >
> > > > > On 9/11/06, Al Mulnick < [EMAIL PROTECTED]> wrote:
> > > > > > Besides the obvious of telling Sophos to adjust their management
> to deal
> > > > > > with this, here's what I understand of your problem to date.
> > > > > >
> > > > > > VPN clients that are also trusted network clients ( i.e. mobile
> users
> > > > that
> > > > > > traverse both trusted and non-trusted networks can end up with
> seemingly
> > > > > > duplicate entries for the same device but different ip addresses.
> This
> > > > > > confuses some antivirus management applications and presumably
> some
> > > > > > management applications such as SMS or similar class of app, that
> rely
> > > > on
> > > > > > reverse name resolution.
> > > > > >
> > > > > > Is that correct?
> > > > > >
> > > > > > Do you have workers that are remote-based only?
> > > > > >
> > > > > > Al
> > > > > >
> > > > > >
> > > > > >
> > > > > > On 9/8/06, Ravi Dogra < [EMAIL PROTECTED]> wrote:
> > > > > > > According to Sophos Support if one host has 2 DNS Entries,
> Sophos
> > > > > > > Enterprise Manager might not be able to detect this Host and
> auto
> > > > > > > update will also dont work.
> > > > > > >
> > > > > > > As you know jolly;- We are in process of migration from Trend to
> > > > > > > Sophos as our Antivirus Solution.
> > > > > > >
> > > > > > > Working on a solution will update soon.....
> > > > > > >
> > > > > > > Thanks
> > > > > > > Ravi Dogra
> > > > > > >
> > > > > > > On 9/8/06, Jaspreet Singh < [EMAIL PROTECTED]> wrote:
> > > > > > > >
> > > > > > > > Ravi,
> > > > > > > > As Rob said, If your VPN box is forwarding requests to your
> internal
> > > > > > network
> > > > > > > > the your DNS will automatically update the records according
> to the
> > > > new
> > > > > > IP
> > > > > > > > which in your case is "x.x.5.x".
> > > > > > > >
> > > > > > > > Can you explain exactly what is the problem that you are
> facing due
> > > > to
> > > > > > this?
> > > > > > > >
> > > > > > > > Regards,
> > > > > > > > Jaspreet Singh Jolly
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On 9/7/06, Al Mulnick < [EMAIL PROTECTED]> wrote:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > 1. I Didnt understand what exactly u r asking?
> > > > > > > > > 2. Yes DHCP Is configured properly.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > That's not what I asked. I asked if it's updating the
> records for
> > > > the
> > > > > > > > device or is it letting the devices update their own?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Al
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On 9/6/06, Ravi Dogra < [EMAIL PROTECTED] > wrote:
> > > > > > > > >
> > > > > > > > > > 1. I Didnt understand what exactly u r asking?
> > > > > > > > > > 2. Yes DHCP Is configured properly.
> > > > > > > > > > 3. Yes it is running on DC
> > > > > > > > > > 4. No, not running any other credential.
> > > > > > > > > > 5. VPN Machine is entirely a different BOX on other site.
> > > > > > > > > > 6. It doesnt register in my DNS. (Will extract other
> information
> > > > > > from
> > > > > > > > > > Site B Admin)
> > > > > > > > > >
> > > > > > > > > > update you very soon...
> > > > > > > > > >
> > > > > > > > > > Thanks
> > > > > > > > > > RD
> > > > > > > > > > List info :
> > > > http://www.activedir.org/List.aspx
> > > > > > > > > > List FAQ :
> > > > http://www.activedir.org/ListFAQ.aspx
> > > > > > > > > > List archive:
> > > > > > http://www.activedir.org/ml/threads.aspx
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > Regards,
> > > > > > > > Jaspreet Singh Jolly
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Ravi Dogra
> > > > > > > 9899647200
> > > > > > > This e-mail, together with any attachments, is confidential. It
> may be
> > > > > > > read, copied and used only by the intended recipient. If you
> have
> > > > > > > received it in error, please notify the sender immediately by
> > > > > > > or telephone. Please then delete it from your computer without
> making
> > > > > > > any copies or disclosing it to any other person.
> > > > > > > List info :
> http://www.activedir.org/List.aspx
> > > > > > > List FAQ :
> http://www.activedir.org/ListFAQ.aspx
> > > > > > > List archive:
> > > > http://www.activedir.org/ml/threads.aspx
> > > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Ravi Dogra
> > > > > 9899647200
> > > > > This e-mail, together with any attachments, is confidential. It may
> be
> > > > > read, copied and used only by the intended recipient. If you have
> > > > > received it in error, please notify the sender immediately by e-mail
> > > > > or telephone. Please then delete it from your computer without
> making
> > > > > any copies or disclosing it to any other person.
> > > > > List info : http://www.activedir.org/List.aspx
> > > > > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > > > > List archive:
> http://www.activedir.org/ml/threads.aspx
> > > > >
> > > >
> > > >
> > >
> > >
> > > --
> > > Ravi Dogra
> > > 9899647200
> > > This e-mail, together with any attachments, is confidential. It may be
> > > read, copied and used only by the intended recipient. If you have
> > > received it in error, please notify the sender immediately by e-mail
> > > or telephone. Please then delete it from your computer without making
> > > any copies or disclosing it to any other person.
> > > List info : http://www.activedir.org/List.aspx
> > > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > > List archive: http://www.activedir.org/ml/threads.aspx
> > >
> >
> >
>
>
--
Ravi Dogra
9899647200
This e-mail, together with any attachments, is confidential. It may be
read, copied and used only by the intended recipient. If you have
received it in error, please notify the sender immediately by e-mail
or telephone. Please then delete it from your computer without making
any copies or disclosing it to any other person.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
