When specifying DHCP servers in the DnsUpdateProxy, should the ACL For the record show the machine account (DHCPSERV1$) or should it show (DNSUPDATEPROXY)?
I'm looking at some Zones, and I see that the DHCP server as having FullControl, and the owner as SYSTEM. Would a 2nd DHCP server in the DNSUPDATEPROXY group be able to update the record? Also, I am in the middle of scripting converting Reverse zones from a Class B to a more granular Class C scheme. We need to turn on scavenging on only specific zones, and not other to avoid missing records. If I export and re-import these records, my account shows up on the ACL, and the owner of SYSTEM. I am going to assume that the DHCP nor a w2k client can not update these records. Is there a way to import records and retain the DNSUpdateProxy ACL even though it is a system group? Any suggestions? I fear these PTR records would not be able to the refreshed until after they are scavenged.... Jef List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
