In this case they have, but there are times when a computer is reimaged and placed on a different IP.
We've been hashing over it over here and I think for the MOST part, this is how it should work and there is probably something else going on. Thanks for the sounding board! From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, February 21, 2012 9:35 AM To: NT System Admin Issues Subject: RE: Dynamic DNS Deregistration Do you have two PTR records for the IP address? If so, then yes DNS will round-robin those results. That shouldn't affect forward lookups in any way. Personally, I prefer to use a IP-based discovery, rather than an AD-based discovery; but there are proponents of doing it both ways. Regardless, have the computer names changed? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]<mailto:[mailto:mille...@mukilteo.wednet.edu]> Sent: Tuesday, February 21, 2012 12:21 PM To: NT System Admin Issues Subject: RE: Dynamic DNS Deregistration Thanks-and that all makes sense with the "problem" we're seeing. Basically after an old machine is pulled, the DNS entries are still there. They put the new computer on the same static address, and it registers its records, but the old records are also there until aging/scavenging completes or someone who is a dns admin removes them. Another assumption here is that when there are duplicate records (of different timestamps), DNS will then round-robin between the existing records when doing lookups. We believe that to be causing things like slower-than normal detection within SCCM and delayed software deployment. Or, is this second assumption completely wrong? I don't know a lot about SCCM, but can find answers if you need more info on our config. I've been told the discovery is mostly from both AD and DNS. Our newly imaged machines have the SCCM client installed out-of-box. So, it seems to me it could only possibly be an issue if something like the SCCM server is doing reverse lookups, but I don't know what that would be for. In other words, are these lingering DNS records really a non-issue as long as the actual machines are really gone? From: Michael B. Smith [mailto:mich...@smithcons.com]<mailto:[mailto:mich...@smithcons.com]> Sent: Tuesday, February 21, 2012 8:36 AM To: NT System Admin Issues Subject: RE: Dynamic DNS Deregistration A quick test indicates "also for Win7". Yes, scavenging cleans it up over time, as long as the records were dynamically registered and not manually registered. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]<mailto:[mailto:mille...@mukilteo.wednet.edu]> Sent: Tuesday, February 21, 2012 10:02 AM To: NT System Admin Issues Subject: RE: Dynamic DNS Deregistration Only for XP, or also for Win7? And if you leave the XP record, aging/scavenging cleans it up over time? From: Todd Lemmiksoo [mailto:tlemmik...@gmail.com]<mailto:[mailto:tlemmik...@gmail.com]> Sent: Tuesday, February 21, 2012 6:53 AM To: NT System Admin Issues Subject: Re: Dynamic DNS Deregistration No, you would need to remove the XP A record manually. On Tue, Feb 21, 2012 at 8:23 AM, Miller Bonnie L. <mille...@mukilteo.wednet.edu<mailto:mille...@mukilteo.wednet.edu>> wrote: ...bump I'll try to shorten the question-when you shut down a domain-joined XP or Win7 workstation with a static IP, does it dynamically de-register that address from DNS (clearing the DNS records, both A and ptr)? WS08 R2 AD-integrated DNS in a single forest/domain. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu<mailto:mille...@mukilteo.wednet.edu>] Sent: Thursday, February 16, 2012 10:26 AM To: NT System Admin Issues Subject: Dynamic DNS Deregistration We're having an "issue" with this, and after doing some reading and research, I'm wondering if this is actually behaving as expected? For as long as I can remember many of us here, including myself, have always thought Windows computers (these are most XP SP3) that have static IPv4 addresses should automatically deregister themselves from dynamic DNS when the computer is shut down. Similar DHCP machines would do the same as long as all the extra stuff for DHCP is configured correctly. I honestly don't remember where we got this assumption from, but thought we were told this by an instructor WAY back in early Win2k training. Our DNS is AD integrated, single forest/domain, set for secure dynamic updates and these are domain-joined machines. But, as we slowly move away from GPO deployed software to SCCM installations, we're having more trouble with software not installing. And, our techs continue to remove WinXP machines, replacing with Win7, but re-using the same static IPs as they change them out. I've had at least one tech watching this more closely now, and what we're seeing that as they put in new computers and re-use the same IP address, the old computers are still there until aging/scavenging has completely run its course, or until someone with admin rights manually deletes the entries. They have pretty much always done computer replacements this way-if a computer with a static IP gets replaced, the static IP gets moved over to the new computer. Our DNS servers are all WS08 R2, but I believe this still mostly applies: http://support.microsoft.com/kb/816592 And in here, I don't see anything about a computer de-registering itself at shutdown. Does anyone have a better link for the exact scenario and/or what is the consensus and expectation of this behavior? If others have run into this as a problem in their environment, what do you do instead to get around it? For example, do you cycle through a set of static IPs different than the originals? Or, do techs switch the machine over to DHCP briefly before final shutdown and that would trigger a deregistration? Our techs are not DNS admins, so manual cleanup falls back on a few who are and is not a really good solution. BTW, I've left out a lot of our DNS config information as things are otherwise working as expected. I don't think a lot of it is relevant, but if something matters, please ask. I've not had the same complaint on our DHCP machines, but I honestly have not had a reason to look at it. The pools are big enough that these might mostly be cycling through unused addresses and not reallocating the same one before aging/scavenging has already flushed the previously used registration. Thanks! Bonnie ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin -- T. Todd Lemmiksoo ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
