Dynamic DNS issue

[Pantlegz]

I've got a server that has 2 NIC's one is on the production network the other is simply for the iSCSI. I unchecked the "Register this connection's address in DNS" on the iSCSI nic and it didn't see to matter because it will randomly show up in the DNS tables. This wouldn't be an issue if the server in question weren't a DC and at times users have issues authenticating or getting from another trusted domain to the one this server manages.

Is there a way I can tell the DNS server to blacklist the iSCSI entry? Or should I just make a script and add the correct IP to everyone's host file? Other suggestions?

 

[theevilsharpie]

I've fought this battle with a DC before, and lost.

These days, if a DC is going to have multiple IPs, I will disable dynamic DNS registration and manually add the required DNS records.

 

[imagoon]

Lot more than DNS involved in it, you need to disable DNS as well as the netlogon registrations (_msdcs.yourdomain.local) etc. Basically you plug a few registry entries in to the netlogon service, disable netbios on the iSCSI nics, disable the MS sharing protocols etc.

http://forums.techarena.in/windows-server-help/1130266.htm#post4268993

If you open the DNS MMC and see more than one "Alias (CNAME)" entries per server in their you didn't catch it all.

 

[Pantlegz]

Thanks imagoon, made those chnages and reloaded the zone and so far so good. The issue with going static DNS is there are over 1000 named devices on the network.

 

[theevilsharpie]

Thanks imagoon, made those chnages and reloaded the zone and so far so good. The issue with going static DNS is there are over 1000 named devices on the network.

Err... I meant disable dynamic DNS on the domain controller, not on every device on the network :awe: