Re: Scavenging DNS records

From: Herb Martin (news_at_LearnQuick.com)
Date: 12/07/04 

Date: Tue, 7 Dec 2004 14:46:13 -0600

"Nancy Kafer" <nkafer@homesteaderslife.com> wrote in message
news:OFOWumI3EHA.1144@TK2MSFTNGP09.phx.gbl...
> Thanks for the advice. Here's my dilemma. I am trying to remote control
> these remote laptops however, I am running into an issue where more than
one
> machine is registered in DNS with the same IP. This happens because these
> addresses are being used for VPN connections. When I try to control the
> laptop from SMS it uses the IP address and is trying to control the wrong
> machine.
>
> Is there a better way to keep DNS cleaned up so this doesn't happen? I've
> thought about just assigning static IP addresses to these users via a
> DHCP/MAC address match. However the issue I run into here is that I need
to
> be able to assign the address to the network adapter on the VPN client.

In Native+ mode you can assign the IP to the USER
(in the user property ***) for RRAS connections.

There is actually a CLIENT IP property *** on the
RRAS (Dial/VPN) on both the client and server side
and you MIGHT be able to set it on the clients so they
register their addresses (just like you can set it on
ever real NIC.)

You have to look in the connection Advanced properties
(or whatever it's called -- I think of it as "behind" the
main property *** for Dial/VPN connections.)

Once you display that, it looks JUST LIKE a NIC property
*** and you can override all sorts of things -- be careful,
most of the time you want the RRAS server to set this stuff
like DHCP would. 

-- 
Herb Martin
>
> Thanks.
>
> Nancy
>
> "Herb Martin" <news@LearnQuick.com> wrote in message
> news:%23u%23axfH3EHA.1152@TK2MSFTNGP14.phx.gbl...
> > "Nancy Kafer" <nkafer@homesteaderslife.com> wrote in message
> > news:#kGQlIH3EHA.1452@TK2MSFTNGP11.phx.gbl...
> > > I have configured my DNS server according to the HOWTO: article on
> > > Microsoft's website. I have set the refresh interval and no-refresh
> > interval
> > > to 1 hour.
> >
> > Don't do this unless you are absolutely sure that 1) you
> > REQUIRE this and 2) you have TESTED it.
> >
> > Especially if you have WANS.
> >
> > Scavenging should seldom be set faster than the default
> > of 2-3 weeks.
> >
> > >  I also set the automatic scavenging property on the DNS server
> > > itself to 1 hour. When I look at my DNS records I see records that I
> think
> > > should have been scavenged because the time to scavenge property is
> > earlier
> > > than the current time + the no-refresh interval + the refresh
interval.
> > >
> > > Why are these records not being scavenged? Here's my dilemma. I have
> > remote
> > > users that VPN into our network. Right now if I look at the DNS
records
> > for
> > > the IP addresses that are associated with my VPN users I see multiple
> > > records for a particular IP address. I need these records to disappear
> as
> > > soon as possible after the user disconnects their VPN connection. How
> can
> > I
> > > achieve this?
> >
> > If you lose connection between AD integrated DNS DCs
> > for more than the scavenging period they will scavenge
> > each other's records and lose connectivity -- requiring you
> > to re-initialize you DNS and then your AD replication from
> > (near) scratch.
> >
> >
>
>