How Does Windows 2003 handle creation of DNS Records from DHCP?
Does someone know of a good summary of how Windows 2003 handles creating and removing DNS A records and PTR records when it assigns an IP?
My main reason for wondering this is what happens with non-Windows clients? Is this function part of the DHCP spec in any way? Also, what conditions can cause an old entry not to be removed?
AD DNS registration can be carried out by the clients themselves (the "Register this connection in DNS" option on the TCP settings for a particular adapter on workstations and servers), but the key feature is dynamic update of DNS zones. If this is enabled the process is far more secure (only the DHCP server gets to update DNS records, not arbitrary end-point clients). It also handles clients that cannot automatically register themselves at all, and for those who like to keep things tidy, dynamic updating also allows for deletion of stale records.
Technet has a good article about it
The DHCP server can dynamically update DNS A and PTR records on behalf of DHCP clients that are not capable of sending option 81 to the DHCP server. You can also configure the DHCP server to discard client A and PTR records when the DHCP client lease is deleted. This reduces the time needed to manage these records manually and provides support for DHCP clients that cannot perform dynamic updates. In addition, dynamic update simplifies the setup of Active Directory by enabling domain controllers to dynamically register SRV resource records.
Microsoft has implemented their DNS registration mechanism to be flexible with respect to the DHCP client's ability to perform its own dynamic registrations. The default behavior of the Windows 2003 DHCP server is to perform registrations of only the client's PTR record. The client itself performs the registration of the "A" record (by default in all Windows versions that support dynamic update -- 2000 and newer).
Old DNS entries can be removed via aging and scavenging, typically. The DHCP server can also remove the client's "A" record by using the "Discard forward (name-to-address) lookups when lease expires" option.
You can use the "Dynamically update DNS A and PTR records for DHCP clients that do not request updates (for example, clients running Windows NT 4.0)" option to cause the DHCP server to register both "A" and "PTR" records for clients that do not support dynamic update.
A slightly more in-depth article on these topics is available here: http://support.microsoft.com/kb/816592
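The two answers above describe the same decision: the DHCP server looks at whether the client sent DHCP option 81 (the Client FQDN option, RFC 4702) and at its own settings, and from that decides which of the A and PTR records it registers and which it discards when the lease goes away. The following is an added example, not Microsoft's code and not the DHCP Server service's actual implementation: it parses an option 81 payload (both the deprecated ASCII form and the wire-encoded form) and applies a simplified decision table that follows the behaviour described in these answers. The setting names on the `ServerDnsSettings` class are paraphrases of the DHCP console options quoted above; the sample option payloads and host names are constructed for the example.

```python
"""Model of a DHCP server's DNS registration decision based on option 81.

Added example: the decision table below is a simplified reading of the
answers on this page, not the Windows DHCP Server's real logic.
"""
from dataclasses import dataclass
from typing import Optional, Set

# RFC 4702: flag bits in the first byte of the option 81 value.
FLAG_S = 0x01  # client asks the server to perform the A (forward) update
FLAG_O = 0x02  # server override of the client's S bit (server -> client only)
FLAG_E = 0x04  # name is DNS wire (label) encoded rather than ASCII
FLAG_N = 0x08  # client asks the server to perform no DNS updates at all


@dataclass
class ClientFqdn:
    flags: int
    rcode1: int
    rcode2: int
    name: str

    @property
    def wants_server_forward(self) -> bool:
        return bool(self.flags & FLAG_S)

    @property
    def wants_no_updates(self) -> bool:
        return bool(self.flags & FLAG_N)


def decode_wire_name(data: bytes) -> str:
    """Decode a DNS wire-format name (length-prefixed labels, no compression)."""
    labels, pos = [], 0
    while pos < len(data):
        length = data[pos]
        pos += 1
        if length == 0:
            break
        if pos + length > len(data):
            raise ValueError("truncated label in option 81")
        labels.append(data[pos:pos + length].decode("ascii"))
        pos += length
    return ".".join(labels)


def parse_option81(payload: bytes) -> ClientFqdn:
    """Parse the value of DHCP option 81 (code and length bytes already stripped)."""
    if len(payload) < 3:
        raise ValueError("option 81 needs flags, rcode1 and rcode2")
    flags, rcode1, rcode2 = payload[0], payload[1], payload[2]
    raw = payload[3:]
    if flags & FLAG_E:
        name = decode_wire_name(raw)
    else:
        # Deprecated ASCII form (some clients append a NUL); strip trailing dot.
        name = raw.rstrip(b"\x00").decode("ascii").rstrip(".")
    return ClientFqdn(flags, rcode1, rcode2, name)


@dataclass
class ServerDnsSettings:
    # "Enable DNS dynamic updates" on the DHCP server (assumed on by default)
    dynamic_updates: bool = True
    # True  = "Always dynamically update DNS A and PTR records"
    # False = "only if requested by the DHCP clients" (the Windows 2003 default)
    always_update: bool = False
    # "Dynamically update ... for DHCP clients that do not request updates"
    update_for_legacy_clients: bool = False
    # "Discard forward lookups when lease expires" / discard records on lease deletion
    discard_on_lease_delete: bool = True


def records_server_registers(settings: ServerDnsSettings,
                             fqdn: Optional[ClientFqdn]) -> Set[str]:
    """Record types the DHCP server registers itself for this lease."""
    if not settings.dynamic_updates:
        return set()
    if fqdn is None:
        # Client never sent option 81 (NT 4.0, many non-Windows stacks):
        # only the legacy-client option makes the server register anything.
        return {"A", "PTR"} if settings.update_for_legacy_clients else set()
    if fqdn.wants_no_updates and not settings.always_update:
        return set()
    if settings.always_update or fqdn.wants_server_forward:
        return {"A", "PTR"}
    # Default Windows 2000+ client: S=0, so it registers its own A record
    # and the server only registers the PTR record.
    return {"PTR"}


def records_server_removes(settings: ServerDnsSettings) -> Set[str]:
    """Records the server deletes when the lease expires or is deleted.

    With the discard option off, nothing is removed by DHCP and stale
    entries are left for DNS aging and scavenging.
    """
    return {"A", "PTR"} if settings.discard_on_lease_delete else set()


if __name__ == "__main__":
    # Constructed sample: a default Windows client, ASCII name, S=0.
    win = parse_option81(bytes([0x00, 0, 0]) + b"ws01.example.local")
    print(win.name, records_server_registers(ServerDnsSettings(), win))
```

Feeding the model a client that sends no option 81 at all shows why a non-Windows host can end up with no DNS entry unless the "clients that do not request updates" option is enabled, and the remove function makes the second half of the question visible: with the discard option off, the only thing that will ever clean up the record is scavenging.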
As far as scavenging is concerned, it needs to be enabled at both the server and zone levels. Scavenging only occurs for dynamically created DNS records. Records that are manually created are not subject to scavenging.
Secure dynamic updates are facilitated via Kerberos and only for AD integrated zones. Updates may be initiated from the client or from the DHCP server, via its membership in the DnsUpdateProxy group (except if the DHCP server is installed on a DC, which is not the recommended placement for DHCP).