AD DHCP leases and renamed computers not being cleaned up.

Active Directory
DNS Records
Microsoft Windows Server 2003
We currently rely on DHCP to update DNS. (Note: DNS scavenging isn't enabled b/c it has removed needed records in the past.) We often run into problems where renamed computers have their old computer name record remain in DNS b/c the lease never actually expired. This creates tons of orphaned records in DNS. Does anyone have a recommendation on how to fix this? It seems Windows DHCP will only delete DNS records that expire normally.

Answer Wiki


The DNS update requests are issued by the client, and the DHCP server performs those updates on their behalf. When a client is renamed, it should request both the creation of the new DNS records and the deletion of the old DNS records.

The server can be configured to perform DNS updates regardless of whether the client requests this action or not. You could try this, to see if it helps.

To modify this setting, select the Enable DNS dynamic updates according to the settings below check box and click Always dynamically update DNS A and PTR records, which is located in Properties on the DNS tab on the applicable DHCP server or on one of its scopes.

Another possibility, if you have more than one DHCP server, is that one DHCP server creates the DNS records (and thus becomes the owner of the name), but later when a DNS update is requested for that client, if for any reason the owner DHCP server is not available, no other DHCP server can update the records, because they are not the owners of the name.

If that is the case, the problem could be solved by adding all DHCP servers as members of the DnsUpdateProxy built-in security group, but this involves other security-related issues.

Here’s a Microsoft document that explains some of these topics in detail: Using DNS servers with DHCP.
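
An added example, not part of the original answer or thread: a read-only Python audit that lists the orphaned records described in the question by comparing exported lease data against exported A records. The CSV columns, host names and addresses are constructed for illustration, and static records (timestamp 0) are skipped so manually created entries are never flagged.

```python
import csv
import io

# Constructed sample data. Column names are assumptions for this example,
# not the output format of any Windows tool.
LEASES_CSV = """ip,hostname,state
10.1.20.57,ACCT-LT-014.corp.example.com,active
10.1.20.58,HR-PC-003.corp.example.com,active
10.1.20.60,LAB-PC-009.corp.example.com,expired
"""

# timestamp == 0 marks a static record; dynamic records carry a refresh time.
DNS_A_CSV = """name,ip,timestamp
IMG-TEMP-07.corp.example.com,10.1.20.57,3645122
acct-lt-014.corp.example.com.,10.1.20.57,3645190
hr-pc-003.corp.example.com,10.1.20.58,3645188
intranet.corp.example.com,10.1.20.58,0
old-lab.corp.example.com,10.1.20.60,3644000
"""


def norm(name):
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def load(text):
    """Parse one of the CSV exports into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def find_orphaned_a_records(leases, records):
    """Return dynamic A records whose IP is actively leased to another name."""
    owner = {l["ip"]: norm(l["hostname"]) for l in leases if l["state"] == "active"}
    orphans = []
    for r in records:
        if int(r["timestamp"]) == 0:      # static record: never a candidate
            continue
        current = owner.get(r["ip"])
        if current is not None and norm(r["name"]) != current:
            orphans.append((norm(r["name"]), r["ip"], current))
    return orphans


if __name__ == "__main__":
    for name, ip, current in find_orphaned_a_records(load(LEASES_CSV), load(DNS_A_CSV)):
        print(f"{name} -> {ip} is stale; lease now belongs to {current}")
```

The output is a review list only; records whose address has no active lease are left alone, since those are the ones DHCP removes when the lease expires normally.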

Discuss This Question: 4  Replies

  • Troy Tate
    What is your lease time? About 8 hours is a good length. Clients will begin to renew the lease around 4 hours. Printers and other devices that are on all the time can have longer leases.
  • EastCoastGuy
    The settings to allow dynamic updates to DNS and discard A and PTR records are enabled. The DHCP lease time is set to 3 days. This problem seems to happen with renamed clients. A common example is imaged computers that have temp names and are then renamed.
  • carlosdl
    And do you have more than one DHCP server?
  • EastCoastGuy
    We have 3 AD DHCP servers. It's a basic site setup in AD where each site has a local DHCP server.
