13.18. Preventing Windows Clients from Attempting Dynamic Updates

Problem

You've disabled dynamic updates entirely on your name servers for security reasons and want to ensure that clients don't waste processing cycles by sending dynamic updates to your servers.

Solution

Using a graphical user interface

To disable dynamic updates for a specific interface such as Local Area Connection, do the following:

  1. For Windows 2000, click Start Settings Network and Dialup Connections. For Windows XP click Start Control Panel Network Connections.

  2. Double-click on Local Area Connection and click Properties.

  3. Double-click on Internet Protocol (TCP/IP) and click Advanced.

  4. Select the DNS tab and clear the checkbox labeled Register this connection's address in DNS.

To disable dynamic updates globally for all interfaces on a client, do the following:

  1. Open Registry Editor (regedit.exe).

  2. In the left pane, navigate to the following key: HKLM\CurrentControlSet\Services\Tcpip\Parameters.

  3. From the menu, select Edit New DWORD Value, type DisableDynamicUpdate, and click OK.

  4. Double-click on DisableDynamicUpdate and assign it a value of 1.

  5. Close Registry Editor and reboot the client computer.

On Windows Server 2003, you can also use Group Policy to disable dynamic updates on Windows XP and 2003 clients:

  1. Open the Active Directory Users and Computers (ADUC) snap-in.

  2. In the left pane, right-click on the domain or OU that contains the computer objects for your client computers and select Properties.

  3. Select the Group ...

Get Windows Server Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.