Domain Controller: Windows Server 2008 R2
Client: Windows 7
For the past 3-4 days, I was trying to register some client desktops / laptops to get their DNS entry dynamically by various methods such as ipconfig /registerdns & re-adding to domain.
Still they didn't get registered with the DC (DNS manager). In the DNS, Dynamic updates is set to Secure only (It is an Active Directory Integrated Zone).
For testing, I changed the Dynamic update to Nonsecure and Secure and after running ipconfig /registerdns, it gets registered.
I don't understand why it doesn't get registered when Dynamic update is set to Secure only.
I know Secure only means it will register and update only if it gets authenticated.
But my question is the client desktop / laptop is already joined to a Domain and I also re-joined to the domain. Still it doesn't get registered in DNS (when Dynamic update is set to Secure only)
It's a security risk if I keep Dynamic update set to to Nonsecure and Secure.
To have Secure Dynamic Updates you have to use Microsoft DHCP Service, which is Authorized in your domain. Then DHCP service will update your DNS records automatically.