DNS records randomly deleted when client computer come back from sleep

I've been struggling with this issue for days, I hope somebody here can help.

DNS records gets randomly deleted in our ad-integrated dns server when Windows 7 clients comes back froms sleep (S3 or S4)

• about 4 times out of 10 the dns record seems to be deleted then recreated
• about 1 times out of 10 the dns record is tombstoned (thus not resolvable anymore)

Dns server is a 2008R2 DC with 2003 functionality level, dns scavenging disabled, clients have static ip. We don't have this problem with WinXP clients.

I set-up audit rules on the MicrosoftDns tree on the dns server, here are the event 4662 i got first in both cases :

Write Property by Client computer account

An operation was performed on an object
Security ID: MYDOMAIN\AWIN7PC$ 
Account Name: AWIN7PC$
Account Domain: MYDOMAIN 
Logon ID: 0xee200a93

Object Server: DS 
Object Type: dnsNode 
Object Name: DC=AWIN7PC\0ADEL:acb4b3a9-86db-46e0-9947-a685df55d575,CN=Deleted Objects,DC=mydomain,DC=com

Operation Type: Object Access
Accesses: Write Property / Access Mask: 0x20 
Properties: Write Property {771727b1-31b8-4cdf-ae62-4fe39fadf89e}{e0fa1e69-9b45-11d0-afdd-00c04fd930c9}
{d5eb2eb7-be4e-463b-a214-634a44d7392e}{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}`

If the dns is lost that's the only event I got. When it's deleted and re-created i got two more events a couple of seconds later :

DELETE by SYSTEM account on dns server

Security ID: System
Account Name: MYDC$
Account Domain: MYDOMAIN 
Logon ID: 0xc7d4360d

Object Server: DS 
Object Type: dnsNode 
Object Name: DC=AWIN7PC\0ADEL:acb4b3a9-86db-46e0-9947-a685df55d575,CN=Deleted Objects,DC=mydomain,DC=com
Operation Type: Object Access
Accesses: DELETE / Access Mask: 0x20 
Properties: DELETE {e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}`

CREATE CHILD by Client computer account

Security ID: MYDOMAIN\AWIN7PC
Account Name: AWIN7PC$ /Account Domain: MYDOMAIN 
Logon ID: 0xee201f0b
Object Server: DS / Object Type: dnsNode  
Object Name: DC=mydomain.com,CN=MicrosoftDNS,CN=System,DC=mydomain,DC=com

It happens whether or not the timestamp of the dynamic record past the No-refresh interval configured on the dns server. I really don't know what's going on here, any hints on how to fix this ?

Solution 1:

I suspect this is part of the granularity MS introduced in power saving the network adapter for win 7 vs win XP. ( http://support.microsoft.com/kb/2740020 ). The idea was to reduce "spurious wakes" on by having the network adapter turn off during sleep. You can maintain the sleep function but keep the network adapter from going to sleep ( http://technet.microsoft.com/en-us/library/ee617165%28v=ws.10%29.aspx ). I have not played around with this enough in a production environment to contrast whether fast logon being enabled or not makes enough of a difference in this situation though I would imagine it would exacerbate the issue. ( http://support.microsoft.com/kb/305293 ). Recommend keeping network adapter from sleeping while letting computer sleep and test from there. HTH