Hello,
I have a problem where duplicate IP DNS records are causing my domain DHCP computers to fall off the domain with Authentication issues due to failed RPC and broken AD Kerberos connections. And before you ask, 'Yes' I have both DNS scavenging and DHCP Conflict Detection enabled -> It's just the usual sliding window of possible duplicate DNS records when the clients are turnned off and on at a high rate, with a DHCP lease period of 8 days and a total scavenge period of 7 days.
Via a PS script, I have dertermined most of these failed computers have a password > 90 days, as well as a broken Kerberos connection (determined via 'nltest /server:computer /sc_query:domain'), but some have good passwords (i.e. < 90 days), but broken Kerberos connections.
Question 1: How can I prevent this sliding window of possible duplicate IP address DNS records?
Question 2: Why do some of the above mentioned problem computers have a good computer password, but still a bad secure AD connection?
Question 3: Is there any way to prevent this entire above scenario from occuring?
Cheers,
Cosmo