DNS discovery and option 43 in DHCP which is prior

Similar Messages

• DNS aging and DHCP lease

  Hi all,
  I have AD integrated DNS server. Need advise how to set DNS aging\scavenging based on DHCP lease time. I know how the process works. Found couple of articles where is written "DHCP
  lease duration should match the “no-refresh + refresh” interval."
  Why should DHCP lease be equal to the sum of non-refresh and refresh interval? From my point of view DHCP lease time should be more than DNS non-refresh interval (and less then non-refresh + refresh interval) so DNS clients are able to register new DHCP
  assigned IP address to DNS within refresh period, right?
  Are there any "rules" which tells me what's the best set up of all this timers?
  Tomas

  Hi all,
  Why should DHCP lease be equal to the sum of non-refresh and refresh interval? 
  Because when Non-refresh and Refresh interval expires and the record is not updated it is considered as inactive as Ahmed said. My environment is based on
  (NonRef+Ref) = Lease and works correctly. Just do not try to scavenge records on AD Integrated zones if DHCP lease is something like 2-3 days. Yo will end up in a confusion state with a lot of false
  positives which are considered as inactive but actually they are not inactives!
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• I have a iPhone 5 and I am not able to toggle between the show my caller Id option on and off. How can I do that ??? It always shows greyed out and also because of which I am not able to make outgoing calls. So please help

  I have a iPhone 5 and I am not able to toggle between the show my caller Id option on and off. How can I do that ??? It always shows greyed out and also because of which I am not able to make outgoing calls. So please help

  Not all carriers allow that to be set using preferences in the phone. Contact your carrier.

• I have an iPhone 4S running software 5.1 (9B179) and cannot sync the photos in PhotoStream with iPhoto '11 v 9.2.1 (628). There's no option to update iPhoto and no option of PhotoStream (which is enabled on my phone). Can anyone help?

  I have an iPhone 4S running software 5.1 (9B179) and cannot sync the photos in PhotoStream with iPhoto '11 v 9.2.1 (628). There's no option to update iPhoto and no option of PhotoStream (which is enabled on my phone). Can anyone help?

  Thanks, Peter. 
  The "link related" and "text related" crashes were what I interpretted here, too, though I'm at a loss on how to proceed given that this is a fresh system and applications.  This is happening with multiple InDesign projects in a design office environment where many others work on the same files and none of the other computers are having problems with these files.  I've removed the same files listed (thank you for those) before and did so effectively with creating the new user account to test with, but it had no effect.  I just tried again though, as these files could easily have becone corrupt again if they were being written to when InDesign crashed.  Will let you know if that makes any difference.  I've also gone through and completely cleaned out the fonts again and once more cleared the font caches.  If need be I'll reboot this system into safe mode and try that way.
  Best,
  Mike

• Microsoft DNS and 3rd Party DHCP (Infoblox)

  We are running Microsoft DNS with Infoblox as our DHCP and IPAM system. We realized that DHCP is not removing PTR and A records when an IP is released. We want to make sure that DHCP does do this but there is no information on how. We believe we need to
  implement Dynamic Updates on Infoblox but we are unsure on how to give it permission to manage the records. Infoblox said there is no place to put domain credentials.  I did find an article where we can use ktpass.exe but didn't give any further information. 
  Any help would be greatly appreciated.

  Hi,
  According to your description, my understanding is that Microsoft DNS server works with Infoblox as DHCP and IPAM. DHCP does not remove PTR and A records when an IP is released.
  Is that an AD-Integrated zone on your DNS server?  And if it is configured with a Secure Dynamic Update, only the “owner” is allowed to update resource records in such zones. Detailed information about
  Secure Dynamic Update you may reference:
  https://technet.microsoft.com/en-us/library/cc961412.aspx
  You may try to configure the zone with non-security update(DNS
  console – right click zone and select Properties – General
  – Dynamic Update, configured as None or Nunsecurity and security).
  Besides, as Microsoft DHCP server, we have related settings to specific the DHCP server to remove DNS RRs on behavior of clients at expiration of the IP address lease. it is better to contact the Infoblox Supporter about this function.
  A work around way to clean these stale RRs – DNS Aging and Scavenging:
  http://social.technet.microsoft.com/wiki/contents/articles/21724.how-dns-aging-and-scavenging-works.aspx
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• HT204266 I want to buy the Craigslist pro app and when I sign into iTItem as described and fast shipping! Aunes with my Apple ID  and password ( both of which I know) it then asks security questions that I never chose ( or are even options to chose) in my

  I want to buy the Craigslist pro app and when I sign into iTItem as described and fast shipping! Aunes with my Apple ID  and password ( both of which I know) it then asks security questions that I never chose ( or are even options to chose) in my profile.

  If you don't know their answers then if you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then the steps half-way down this page should let you reset them : http://support.apple.com/kb/HT5312
  If you don't have a rescue email address (you won't be able to add one until you can answer 2 of your questions) then you will need to contact iTunes Support / Apple to get the questions reset.
  Contacting Apple about account security : http://support.apple.com/kb/HT5699
  When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down the HT5312 link above to add a rescue email address for potential future use

• HT1277 Automatic set up for mail isnt working, on the "welcome to mail" pop up its not recognising my password and gives me no option to reset, which password should I be entering? Im assuming its the one for my Mac ? also tried my Yahoo one but no joy...

  Automatic set up for mail isnt working, on the "welcome to mail" pop up its not recognising my password and gives me no option to reset, which password should I be entering? Im assuming its the one for my Mac ? also tried my Yahoo one but no joy.....

     start mail then:
    Preferences> Accounts>  click the  [+] icon and  fill in the blanks.
  select  POP account
    Here are the basic server settings for Yahoo! Mail:
  Incoming Mail (POP3) Server: pop.mail.yahoo.com (Use SSL, port: 995)
  Outgoing Mail (SMTP) Server: smtp.mail.yahoo.com (Use SSL, port: 465, use authentication)
  Account Name/Login Name: Your Yahoo! Mail ID (your email address without the "@yahoo.com")
  Email Address: Your Yahoo! Mail address (e.g., [email protected])
  Password: Your Yahoo! Mail password

• I have Mavericks on my iMac and the latest version of iPhoto 9.5.1 (902.17) but no book, card, calendar, album, slideshow, print and order prints options under Share, which still shows Set Desktop.  Any ideas please?

  I have Mavericks on my iMac and the latest version of iPhoto 9.5.1 (902.17) but no book, card, calendar, album, slideshow, print and order prints options under Share, which still shows Set Desktop.  Any ideas please?

  LN,
  Since I couldn't expand the zip file on my desktop, I expanded the file on an external drive.  Here's the information:
  Hardware Information:
            iMac (27-inch, Late 2012)
            iMac - model: iMac13,2
            1 3.4 GHz Intel Core i7 CPU: 4 cores
            8 GB RAM
  Video Information:
            NVIDIA GeForce GTX 675MX - VRAM: 1024 MB
  Audio Plug-ins:
            BluetoothAudioPlugIn: Version: 1.0 - SDK 10.9
            AirPlay: Version: 1.9 - SDK 10.9
            AppleAVBAudio: Version: 2.0.0 - SDK 10.9
            iSightAudio: Version: 7.7.3 - SDK 10.9
  Startup Items:
            NUDC: Path: /Library/StartupItems/NUDC
  System Software:
            OS X 10.9.1 (13B42) - Uptime: 0 days 0:16:52
  Disk Information:
            APPLE HDD ST1000DM003 disk0 : (1 TB)
                      EFI (disk0s1) <not mounted>: 209.7 MB
                      Macintosh HD (disk0s2) /: 999.35 GB (698.05 GB free)
                      Recovery HD (disk0s3) <not mounted>: 650 MB
  USB Information:
            Apple Inc. iPod
            HGST G-Drive Mobile USB 1 TB
                      EFI (disk1s1) <not mounted>: 209.7 MB
                      iMac Backup (disk1s2) /Volumes/iMac Backup: 999.86 GB (10.14 GB free)
            Elgato Systems EyeTV Hybrid
            Apple, Inc. Keyboard Hub
                      Apple, Inc Apple Keyboard
            Apple Inc. FaceTime HD Camera (Built-in)
            Apple Inc. MacBook Air SuperDrive
            Apple Inc. BRCM20702 Hub
                      Apple Inc. Bluetooth USB Host Controller
  FireWire Information:
            LSI Logic SYM13FW500-CDROM DRIVE 400mbit - 400mbit max
            Newer Technology, Inc. Oxford ATA Device 00 800mbit - 800mbit max
                      disk3s1 (disk3s1) <not mounted>: 32 KB
                      disk3s2 (disk3s2) <not mounted>: 29 KB
                      disk3s3 (disk3s3) <not mounted>: 29 KB
                      disk3s4 (disk3s4) <not mounted>: 29 KB
                      disk3s5 (disk3s5) <not mounted>: 29 KB
                      disk3s6 (disk3s6) <not mounted>: 262 KB
                      disk3s7 (disk3s7) <not mounted>: 262 KB
                      disk3s8 (disk3s8) <not mounted>: 262 KB
                      Media (disk3s10) /Volumes/Media: 499.97 GB (151.37 GB free)
            Newer Technology, Inc. Oxford ATA Device 00 800mbit - 800mbit max
                      EFI (disk2s1) <not mounted>: 209.7 MB
                      Mini Stack (disk2s2) /Volumes/Mini Stack: 999.86 GB (470.15 GB free)
  Thunderbolt Information:
            Apple Inc. thunderbolt_bus
                      Apple Inc. Thunderbolt to FireWire Adapter
  Kernel Extensions:
            com.AmbrosiaSW.AudioSupport          (4.1.2 - SDK 10.6)
            com.netralia.driver.VBMicDriver          (1.0.0 - SDK 10.7)
            com.netralia.driver.VBSpeakerDriver          (1.0.0 - SDK 10.7)
  Problem System Launch Daemons:
  Problem System Launch Agents:
            [failed] com.apple.accountsd.plist
  Launch Daemons:
            [loaded] com.adobe.fpsaud.plist
            [loaded] com.elgato.EyeConnect.plist
            [failed] com.google.GoogleML.plist
            [loaded] com.google.keystone.daemon.plist
            [loaded] com.microsoft.office.licensing.helper.plist
            [invalid] com.oracle.java.Helper-Tool.plist
  Launch Agents:
            [failed] com.epson.eventmanager.agent.plist
            [failed] com.google.keystone.agent.plist
            [invalid] com.oracle.java.Java-Updater.plist
  User Launch Agents:
            [loaded] com.google.Chrome.framework.plist
            [failed] com.google.GoogleContactSyncAgent.plist
  User Login Items:
            EyeTV Helper
            apple-scc-20131222-190227
            Skype
            Messages
            Thunderbird
  3rd Party Preference Panes:
            remoting_host_prefpane
            Déjà Vu
            DivX
            Flash Player
            Flip4Mac WMV
            GPGPreferences
  Internet Plug-ins::
            Shutterfly: Version: 3.0.1
            Google Earth Web Plug-in: Version: 6.2
            Default Browser: Version: 537 - SDK 10.9
            Flip4Mac WMV Plugin: Version: 3.2.0.16   - SDK 10.8
            Musicnotes: Version: 1.17.3
            OfficeLiveBrowserPlugin: Version: 12.3.5
            PandoWebInst: Version: 1.0
            FlashPlayer-10.6: Version: 12.0.0.39 - SDK 10.6
            DivXBrowserPlugin: Version: 1.4
            RealPlayer Plugin: Version: (null)
            Flash Player: Version: 12.0.0.39 - SDK 10.6 Outdated! Update
            iPhotoPhotocast: Version: 7.0
            googletalkbrowserplugin: Version: 4.9.1.16010
            QuickTime Plugin: Version: 7.7.3
            AdobePDFViewer: Version: Unknown
            Photo Center Plugin: Version: Photo Center Plugin 1.1.2.0
            Silverlight: Version: 5.1.20913.0 - SDK 10.6
            ContentUploaderPlugin: Version: 1.2
            JavaAppletPlugin: Version: 14.9.0 - SDK 10.7 Outdated! Update
  User Internet Plug-ins::
            WebEx64: Version: 1.0
            Move_Media_Player: Version: npmnqmp 071505000006
            WebEx: Version: 1.0
            MRJPlugin: Version: 1.0-JEP-0.9.0
  Bad Fonts:
            None
  Old applications:
            Audiogalaxy Helper:          Version: 3 - SDK 10.5
                      /Applications/Audiogalaxy Helper.app
            Disc Cover 3:          Version: 3.0.10 - SDK 10.5
                      /Applications/Disc Cover 3.app
            Epson Printer Utility 4:          Version: 9.14 - SDK 10.5
                      /Library/Printers/EPSON/InkjetPrinter2/Utility/UT4/Epson Printer Utility 4.app
            Keynote:          Version: 5.3 - SDK 10.5
                      /Applications/iWork '09/Keynote.app
            Kies:          Version: 2.1.0.13071_1 - SDK 10.5
                      /Applications/Kies.app
            Microsoft Alerts Daemon:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Alerts Daemon.app
            Microsoft AutoUpdate:          Version: 2.3.6 - SDK 10.4
                      /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app
            Microsoft Chart Converter:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Chart Converter.app
            Microsoft Clip Gallery:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Clip Gallery.app
            Microsoft Database Daemon:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Database Daemon.app
            Microsoft Database Utility:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Database Utility.app
            Microsoft Document Connection:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Microsoft Document Connection.app
            Microsoft Error Reporting:          Version: 2.2.9 - SDK 10.4
                      /Library/Application Support/Microsoft/MERP2.0/Microsoft Error Reporting.app
            Microsoft Excel:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Microsoft Excel.app
            Microsoft Graph:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Graph.app
            Microsoft Language Register:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Additional Tools/Microsoft Language Register/Microsoft Language Register.app
            Microsoft Office Reminders:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Office Reminders.app
            Microsoft Outlook:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Microsoft Outlook.app
            Microsoft PowerPoint:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Microsoft PowerPoint.app
            Microsoft Ship Asserts:          Version: 1.1.4 - SDK 10.4
                      /Library/Application Support/Microsoft/MERP2.0/Microsoft Ship Asserts.app
            Microsoft Upload Center:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Microsoft Upload Center.app
            Microsoft Word:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Microsoft Word.app
            My Day:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/My Day.app
            Numbers:          Version: 2.3 - SDK 10.5
                      /Applications/iWork '09/Numbers.app
            Open XML for Excel:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Open XML for Excel.app
            Pages:          Version: 4.3 - SDK 10.5
                      /Applications/iWork '09/Pages.app
            SLLauncher:          Version: 1.0 - SDK 10.5
                      /Library/Application Support/Microsoft/Silverlight/OutOfBrowser/SLLauncher.app
            Senuti:          Version: 1.2.9 - SDK 10.5
                      /Applications/Senuti.app
            Solver:          Version: 1.0 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/Add-Ins/Solver.app
            SyncServicesAgent:          Version: 14.3.1 - SDK 10.5
                      /Applications/Microsoft Office 2011/Office/SyncServicesAgent.app
            TechTool Deluxe:          Version: 3.1.4           - SDK 10.4
                      /Applications/TechTool Deluxe.app
            TurboTax Home Business 2011:          Version: 2011.r15.011 - SDK 10.4
                      /Applications/TurboTax Home Business 2011.app
  Time Machine:
            Skip System Files: NO
            Mobile backups: OFF
            Auto backup: YES
            Volumes being backed up:
                      Macintosh HD: Disk size: 930.71 GB Disk used: 280.61 GB
            Destinations:
                      iMac Backup [Local] (Last used)
                      Total size: 931.19 GB
                      Total number of backups: 31
                      Oldest backup: 2013-12-19 05:31:29 +0000
                      Last backup: 2013-12-26 15:57:21 +0000
                      Size of backup disk: Adequate
                                Backup size 931.19 GB > (Disk used 280.61 GB X 3)
            Time Machine details may not be accurate.
            All volumes being backed up may not be listed.
  Top Processes by CPU:
                 2%          EyeTV
                 1%          WindowServer
                 1%          Google Chrome
                 1%          EtreCheck
                 0%          AddressBookSourceSync
  Top Processes by Memory:
            328 MB          thunderbird
            213 MB          com.apple.IconServicesAgent
            205 MB          mds_stores
            197 MB          iPhoto
            164 MB          Google Chrome
  Virtual Memory Statistics:
            2.81 GB          Free RAM
            3.50 GB          Active RAM
            778 MB          Inactive RAM
            948 MB          Wired RAM
            499 MB          Page-ins
            0 B          Page-outs

• Dhcp relay and option 82 on solaris 10

  Hi
  I cannot seem to find any information on this topic, there are lots of references to it for linux but not solaris.
  Can anybody recommend any links or tips on setting this up?
  Thanks

  Thanks, I upgraded software to newest 1.3.0.59, then rebooted. After configuring ( only option 82 - no relay agent ) there is still no 82 option in dhcp discover packets.
  Wireshark with captured dhcp discover broadcast packet. Dhcp part:
  As You can see - there is no 82 option.
  All interfaces are trusted (dhcp snooping).
  Should I configure anything else to make it work ?
  regards,

• Dynamic DNS issues and/or confusion

  I work for a small university.  We have two domain controllers running on Windows 2008 (not R2).  On dc2 we have a DHCP server running serving several VLANs across campus.  We've been having issues where the dynamic DNS entries contain an
  incorrect IP address for several machines.  In some cases there are even several entries for a single machine.  I've notice two main issues by looking at the DNS server.  First, old entries aren't being cleaned up.  Second, after re-imaging
  a workstation the DNS entry for that machine is not being updated.  After doing some research I came across the blog entry from Ace Fekay on how to go about setting up dynamic DNS.  I immediately determined from reading that scavenging was not setup
  properly on our server.  I think I've corrected that problem, but I'll have to be patient and see what happens over time.  This brings me to the issue of machines not adding themselves or updating their records in DNS.
  After reading Ace's blog I decided to follow his recommendations for configuring dynamic DNS.  I created a normal active directory user to use for configuring the DHCP credentials (it appears our server was set to use domain administrator previously).
   I added the DHCP computer object (this is also one of our domain controllers) to the DnsUpdateProxy group. On the DHCP server I have checked "Enable DNS dynamic updates according to the settings below" along with the "Always A and PTR
  records when lease is deleted".  I also checked "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...".  After doing all of this I rebooted the dc2 server.  I then manually deleted all of the
  existing dynamic entries on the DNS server, so they could properly be recreated.  Now, here is the problem after setting all of this up.  I'm now seeing student's personal machines, phones, tablets, etc. being populated in our DNS.  Before making
  these changes only domain joined machines existed in DNS.  Our DNS is configured to allow only secure updates.  Why is it that now non domain trusted devices are being allowed to create DNS entries?  I was under the assumption that secure updates
  meant domain only.  Am I not understanding something properly here?  Can someone please provide me some insight to what's going on and what I might be able to do to prevent non-domain joined devices from having entries created in DNS?

  Hi,
  According to your description, my understanding is that non domain trusted devices have been registered their DNS entries in DNS which is configured to allow only secure updates.
  If a DHCP server that is running on a domain controller is configured to perform dynamic updates on behalf of its clients, that DHCP server is able to take ownership of any record, even in the zones that are configured to allow only secure dynamic update.
  This is because a DHCP server runs under the computer account, so if it is installed on a domain controller it has full control over DNS objects stored in the Active Directory.
  DHCP server will perform dynamic updates on behalf of its clients when you enable the option "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...",  and this means that the “owner” of the DNS entries is
  DHCP server, not the clients. And the zone accepts the DHCP server’s update because the server has full permission.
  You may try to uncheck the option "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...".
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected].
  Hi Eve,
  You are correct in your understanding that "non domain trusted devices have been registered their DNS entries in DNS which is configured to allow only secure updates."  I also made a mistake in my original post.  I meant to say that I also
  had "Always dynamically update DNS A and PTR records".  
  Now back to your reply.  Are you saying that if I had my DHCP server running on a non-domain controller that I would be seeing a different behavior in regards to permissions of DNS objects and that I wouldn't be experiencing the behavior of non domain
  trusted devices being created in a secure zone?  I thought setting the DNS dynamic credentials to a normal user account was supposed to help with security concerns in regards to DNS objects.  What would happen if someone named their personal computer
  the same name as one of our file servers or even a domain controller?  Would the DHCP/DNS server actually have the power to overwrite that record in DNS?
  I'll try your recommendation of unchecking the "Dynamically update DNS A and PTR records..." option and see what happens.
  Thanks for your reply...

• Multiple Forest DNS queries, and DFS

  Setup:
  2 physical servers hosting several virtual machines with 3 forests (domains) and 3 subnets.  The physical server has 4 NICs, each forest/subnets has its own dedicated NIC via virtual switch (so 1 NIC is empty).  Each NIC connects to a switch to
  allow workstations and other devices to connect to their proper forest/subnet directly.  These switches then connect to the sonicwall (firewall/router) in an individual port.  Each port has proper subnet defined in it.
  The 3 forests are c.com, l.lan, and w.web named.  c.com and l.lan use a 10.x.x.x/255.255.0.0 subnet.  w.web uses 192.168.x.x/255.255.0.0 subnet.  There are no trusts setup.
  I can ping from one forest/subnet to the other using IP address without issue so the IP routes are fine.  I can ping via FQDN without issue if I setup a forwarder, conditional forwarder, or stub zone.  Sometimes using just the forwarder, FQDN does
  NOT resolve.  Conditional and Stub seems to resolve always. 
  I can get c.com and w.web to resolve single-name (host name) addresses, but at the moment (transitioning) they are on the same subnet.  From some research, I can use single-name resolution if I setup a GlobalNameZone as well, which I might need to do.
  So my question is which is best practice and most reliable way to setup these different forests and subnets to perform DNS resolution?  I tried forwarders, but it wasn't always reliable.  I suspected caching as an issue, but after a flush, a FQDN
  would sometimes resolve and sometimes not.  Conditional and Stub seem to work okay, but I'm not sure about what's best.
  I've spent most of the day researching this, and nothing was every really definitive and sometimes even contradictory.  Previously the DNS Forwarders worked fine for us, but that was on the same subnet.  Differing subnets seems to break the internal-to-internal
  forwarding.
  Additionally the w.web domain has a domain level DFS.  Neither of the other forests can access it via the
  \\w.web\data address.  Though they can access it if I point them directly to the server hosting the DFS namespace.

  Windows Server doesn't work well with DNS Search Suffixes defined in DHCP scopes from what I read.
  http://technet.microsoft.com/en-us/library/dd572752(v=office.13).aspx
  Details how to set it up on Windows Server DHCP
  http://social.technet.microsoft.com/Forums/en-US/2eed4d4f-8d1b-4989-ac49-d95e08b7d54a/dhcp-dns-suffix-search-list-supported?forum=winserverNIS
  Details how Windows Server does not support it though.
  http://technet.microsoft.com/en-us/library/bb847901(v=exchg.150).aspx
  Details how to use Group Policy to deploy it.
  How I fixed this:
  1) Open Group Policy for the domain.
  2) Edit the "Default Domain Policy" to include DNS Suffix search for current domain and all other domains.
  3) Set normal forwarders on domain's DNS servers.
  4) Repeat on all domain.
  This partially fixed my problem.  Things were resolving more reliably, but there would be a failure once in a while as well.  I corrected this by adding a conditional forwarder along with the normal forwarder.
  Now I get full resolution of all items.  Additionally, I do not have to use the FQDN for my machines.  Just hostname resolves just fine.  HOWEVER I would suggest to anyone setting up machines to use FQDN where possible, don't be lazy. 
  This means I will not have to setup a GlobalName zone either.  Though I may do it for the experience.
  Another problem though is this only works on Windows machines.  Mobile phones (such as Android and iPhone) and other such devices will not know about the DNS Suffix search.  Fortunately most of those devices required the internet FQDN for services
  to work anyway, and when behind the firewall via WiFi or like, they'll be able to still resolve the internet FQDN of devices since we're using a split-brain DNS for that domain.

• Rogue DNS Settings appearing after initial DHCP lease

  I am having issues with DNS settings changing on clients soon after allocation via DHCP. This is a workgroup only, no windows domain. DHCP is running from a Fortigate 60b which acts as the primary DNS server and Google DNS configured as secondary. The DHCP lease time is 8 days, these DNS changes can happen 3 times or more in a working day. The network consists of a single subnet, there is also an internal wireless network using Ubiquiti AP's.
  1. Malware has been ruled out, having scanned machines with AV and Malware detection finding nothing.2. Have setup port mirroring on switch ports and scanned traffic for other sources of DHCP offer packets.. none found.3. When the DNS settings change they are different on each machine, but each time it is a valid IP for the network that can be found in the DHCP leases on the 60b.I was expecting to...
  This topic first appeared in the Spiceworks Community

  I am having issues with DNS settings changing on clients soon after allocation via DHCP. This is a workgroup only, no windows domain. DHCP is running from a Fortigate 60b which acts as the primary DNS server and Google DNS configured as secondary. The DHCP lease time is 8 days, these DNS changes can happen 3 times or more in a working day. The network consists of a single subnet, there is also an internal wireless network using Ubiquiti AP's.
  1. Malware has been ruled out, having scanned machines with AV and Malware detection finding nothing.2. Have setup port mirroring on switch ports and scanned traffic for other sources of DHCP offer packets.. none found.3. When the DNS settings change they are different on each machine, but each time it is a valid IP for the network that can be found in the DHCP leases on the 60b.I was expecting to...
  This topic first appeared in the Spiceworks Community

• Can I associate a ip dns view and/or ip dns view-group to a specific int ?

  is there a way to bind/associate a ip dns view and/or ip dns view-group to a specific interface so I can end with something like:
  interface FastEthernet0/0 description Inside
  interface FastEthernet0/1 description OutsideISP#1 ... want associated to dnsViewISP1
  interface FastEthernet0/2 description OutsideISP#2 ... want associated to dnsViewISP2
  ip dns view dnsViewISP1
  domain name-server n.n.n.11
  domain name-server n.n.n.12
  domain name-server interface FastEthernet0/1
  domain resolver source-interface FastEthernet0/0
  ip dns view dnsViewISP2
  domain name-server n.n.n.21
  domain name-server n.n.n.22
  domain name-server interface FastEthernet0/2
  domain resolver source-interface FastEthernet0/0
  ip dns view-list dnsViewListISP1
  view dnsViewISP1 1
  restrict source access-group aclDNS
  ip dns view-list dnsViewListISP2
  view dnsViewISP1 2
  restrict source access-group aclDNS
  ... so traffic routed to ISP#1 use dnsViewISP1/dnsViewListISP1
  ... so traffic routed to ISP#2 use dnsViewISP2/dnsViewListISP2
  I can set ip dns server view-group dnsViewListISP1 or dnsViewListISP2 but not both
  Router is acting as caching server with ip dns server enabled
  IOS 12.4.15T.9

  So after a couple of hours of playing around and testing I've finally found the correct settings to achieve this, I wasn't able to find the configuration options through the Windows Airport Utility client but borrow a MacBook Air from a family member and was able to find it:
  1. Open the AirPort Utility on a Mac computer.
  2. Click on your AirPort Device, then click "Edit".
  3. Select the "Internet" tab.
  4. Now in the "Domain Name" section type "yourhostname.ddns.net" or it could be "yourhostname.no-ip.com" or whatever other hostname No-IP.com may have assigned you.
  5. Now click the "Internet Options" button.
  6. At the bottom of the windows that opened tick the check box "Use dynamic global hostname"
  7. In the "Hostname" section fill it with "no-ip.ddns"
  8. In the "User" & "Password" sections fill it with the username and password that you chose when creating your "No-IP.com" account.
  9. Now click "Save" which will save the settings and click "Update" to update the Airport device which will also restart it.
  And you're done!
  Please note that it does sometimes take up to 5 to 10 minutes to update the DNS settings to No-IP.com, which caused me to think it wasn't working initially.
  Good luck!

• How to exclude specific PCs or Organization Unit from discovery and All system collection?

  We want to exclude some PCs from discovery and All System collection.
  1. We want to exclude with out modfing query of All System collection and without modifiing registry.
  2. We want to exclude with Organization unit container.
  We have also tested Include and exclude option which is avaible in system discovery (Discovery method)  but it is not working as per expected.
  Please help us.

  Jason messaged me offline and said that the method of denying read access does not always work. I was thinking that I had done that back in 2003 but have not tested it in the past 10 years or so. It would be easy to test though if you want to give it a try.
  Just browse to the OU on ADUC, right click, properties, security tab. Click Add, change the object type to computers, enter the same of the server that performs discovery, click ok, click deny on all boxes and click OK.
  Actually I just did it to write the instructions above. When I see in my adsysdis.log clearly indicates to me that, in my environment, this works.
  John Marcum | http://myitforum.com/myitforumwp/author/johnmarcum/

• How can I override the DNS Servers and Domain Name used by my Airport Time Capsule?

  The defaults picked up from my ISP's DHCP are to use the ISP's DNS servers and ISP's domain. I do not want this.
  With my prior router I set the DNS servers to Google's Public DNS (8.8.8.8 and 8.8.4.4) and my domain to either "bannister.us" (which I own) or "bannister.home". I do not want simple names resolving to some ISP default. (Yes, I know exactly what this does.)
  In the Apple AIrport Utility (version 6.3.2) the fields for DNS and Domain do not allow editing. (Why??)
  Is there some way to override this?

  Unfortunately not one that will work with the latest version TC.
  The way around it is to use a different router.. It can be a very simple router.. I usually recommend units like the TP-Link WDR3600 as they take good third party firmware like gargoyle, openwrt, dd-wrt.. ie they have real controls and beyond that a proper Linux firmware with command line interface.
  You can then change the TC over to static IP. It will not be the router.. but it will effectively become the local dhcp server.
  I have adsl so I cannot reproduce your system.. I have a bridged modem.. a router.. AC66U.. and a TC.. but the TC is not in bridge.. it is in static IP mode.
  Let me demonstrate.
  By setting a range on the main router from 1-199 (leave a space.. ) so set the TC to 192.168.2.201 and then you can set DNS and domain as you like. Set the dhcp range (leave a space) you could use 203-253.. then I use the main router as 254.
  It is brilliant.. all computers behind the TC receive the IP from the TC with whatever IP and dns (and domain although I haven't changed it).. Effectively the TC works as its own dhcp device.. but is merely a secondary dhcp server to the main unit.
  (This gives me netflix which is why I do it.. from well outside the US).
  It may be of use.
  Why leave a space.. well it helps it to work.. I have not tested it but another person reported issues and found leaving a space .. ie last ip in the router.. 199, static ip 201.. first dhcp 203 (i used 205 to help me keep count!!). worked.. I have not tried to reproduce the problem.. so I reproduce the solution.. it might be like sheep jumping over the fence.. even if the fence was removed the sheep keep jumping over at the same place. Just say bahhh and do likewise.