Dynamic Updates is the feature in DNS server in Windows Server 2003 which enables DNS clients to register their IP addresses with their names in DNS database automatically. As this feature considerably reduces administrative overhead it also makes a DNS server vulnerable to various attacks. Therefore in many scenarios administrators disable this feature whereas in some of them administrators allow only secured dynamic updates in order to balance the tasks. You can configure Dynamic Updates in DNS server by following the steps given below:
- Log on to the DNS server using administrative privileges.
- Click on Start button.
- From the start menu go to Administrative Tools and from the submenu click on DNS.
- From the opened snap in expand the name of your computer (which is PCTIPS-3000 in this case).
- From the left pane expand Forward Lookup Zone.
- From the list right click the domain name which is TESTDOMAIN.COM in this case and select Properties.
- On the Properties box ensure that you are on General tab and from the Dynamic Updates drop-down list choose appropriate option.
- Click on Ok button to accept and confirm your selection.
When a DNS server is configured to accept only secured dynamic updates this means that only the machines which are members of active directory domain can register themselves with DNS servers automatically. If any computer is not a member of active directory domain it would not be able to register itself with the DNS server. Not to mention that Secured Dynamic Updates feature is only available if the DNS server has active directory integrated DNS zone.