DNS Issues
Hello All,

We have a Windows 2003 domain with Vista clients. These Windows 2003 domain controllers also run DNS (AD integrated) and DHCP servers. All our member servers are on static IPs and all Vista machines are DHCP clients. We have two scopes with options for DNS, WINS and domain. I also have option 002 defined in options for Microsoft release DHCP lease on shutdown. Also on DHCP properties under DNS I have checked:

- Enable DNS dynamic updates according to the settings below, with "Always dynamically update DNS A and PTR records"
- Discard A and PTR records when lease is deleted
- Dynamically update DNS A and PTR records for DHCP clients that do not request updates

We don't perform scavenging on our zones as it burned me big time a couple of times. Our DHCP clients also have the default option "Register the connection address in DNS" checked. I am aware that we need to uncheck this option so that a machine will not attempt to register its IP address in DNS.

The issue is we see duplicate IP addresses for different hosts in our Forward Lookup Zones. For example:

COMPUTER 1 : 192.168.10.11
COMPUTER 2 : 192.168.10.11

Also in Forward Lookup Zones I see a machine COMPUTER 3 with address 192.168.10.12, and in the Reverse Lookup Zone (PTR record) 192.168.10.12 is associated with COMPUTER 4, with no PTR record for COMPUTER 3.

Looking at the DHCP console, there are no duplicate addresses at all and the database seems to be fine. But DNS has all these duplicate entries. I believe these are residues from the machine registering its connection address in DNS. One way of dealing with this is by unchecking "Register the connection address in DNS" through a group policy, as we are talking about a big enterprise with thousands of machines. Is there anything I should be worried about to prevent having duplicate IP addresses in Forward and Reverse Lookup Zones? How could one tell whether the records that appear in DNS are from DHCP or from the machines themselves?

What are the recommended steps other than scavenging?

Thanks in advance
December 10th, 2009 5:52am

1) I would advise not to use DHCP to register records in DNS. Windows 2000 and later can register with DNS without any additional assistance from DHCP. Those DHCP settings are really meant for systems that are unable to register on their own.

2) To check who the owner of the DNS address is, check the SECURITY tab on the DNS record. If the client registered it, it will appear on the ACL with the permissions to that record.

3) Unless you are short in the IP pool, I see no benefit to having the clients release their leases. If you are short, you should consider breaking up the subnets for your workstations.

I also had experience (years ago) with the DHCP/DNS registration option. All of these issues appeared to go away once our clients registered on their own. We also have WINS, so any downlevel client that could not register with DNS would register with WINS. Our DNS zones are configured to cross-reference WINS for any lookups that include systems that are not found in the zone.

Visit my blog: anITKB.com, an IT Knowledge Base.
December 10th, 2009 10:10pm
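The two checks the thread turns on, finding which IPs carry more than one A record (and whose PTR disagrees with the A record) and then reading the record's owner to tell a client self-registration from a DHCP-registered record, can be scripted rather than clicked through one record at a time. The script below is an added example and is not code from the thread or from either poster. It assumes the DnsServer and ActiveDirectory PowerShell modules (Windows Server 2012 or later, so not the 2003 boxes in the question, but it can be run from an admin workstation against them), a placeholder forward zone corp.example, a placeholder reverse zone 10.168.192.in-addr.arpa, and that the AD-integrated zone is stored in the DomainDnsZones partition; all names and DNs are placeholders to replace.

```powershell
# Added example, not from the thread. Placeholders: replace zone, server and DN.
$Zone        = 'corp.example'
$ReverseZone = '10.168.192.in-addr.arpa'
$DnsServer   = 'dc1.corp.example'
# dnsNode objects of an AD-integrated zone in the DomainDnsZones partition
# (assumption: the zone replicates domain-wide; older zones may live under
# CN=System in the domain partition instead).
$ZoneDN      = "DC=$Zone,CN=MicrosoftDNS,DC=DomainDnsZones,DC=corp,DC=example"

Import-Module DnsServer
Import-Module ActiveDirectory   # also creates the AD: drive used by Get-Acl

# 1. Forward zone: pull every A record except the zone apex and group by IP.
#    Any group with more than one hostname is the "COMPUTER 1 / COMPUTER 2"
#    situation from the question.
$aRecords = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $Zone -RRType A |
    Where-Object { $_.HostName -ne '@' }

$aRecords |
    Group-Object { $_.RecordData.IPv4Address.IPAddressToString } |
    Where-Object { $_.Count -gt 1 } |
    ForEach-Object {
        "Duplicate IP $($_.Name): " + ($_.Group.HostName -join ', ')
    }

# 2. Reverse zone: rebuild each PTR's full IP from the zone name plus the
#    record's host part (works for /8, /16 and /24 in-addr.arpa zones), then
#    compare against the forward zone to find missing or mismatched PTRs.
$netOctets = ($ReverseZone -replace '\.in-addr\.arpa$', '') -split '\.'
[array]::Reverse($netOctets)

$ptrByIp = @{}
Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ReverseZone -RRType PTR |
    ForEach-Object {
        $hostOctets = $_.HostName -split '\.'
        [array]::Reverse($hostOctets)
        $ip = ($netOctets + $hostOctets) -join '.'
        $ptrByIp[$ip] = $_.RecordData.PtrDomainName.TrimEnd('.')
    }

foreach ($rec in $aRecords) {
    $ip   = $rec.RecordData.IPv4Address.IPAddressToString
    $fqdn = "$($rec.HostName).$Zone"
    if (-not $ptrByIp.ContainsKey($ip)) {
        "No PTR for $fqdn ($ip)"
    } elseif ($ptrByIp[$ip] -ne $fqdn) {
        "PTR mismatch: $ip -> $($ptrByIp[$ip]) but the A record is $fqdn"
    }
}

# 3. Ownership: the owner of the dnsNode object is the account that created it.
#    A computer account (HOSTNAME$) for the host itself means the client
#    registered on its own; the DHCP server's computer account (or the
#    credential configured for DHCP dynamic updates) means DHCP registered it.
#    This is the same information as the SECURITY tab on the record.
function Get-DnsRecordOwner {
    param([Parameter(Mandatory)][string]$HostName)
    $acl = Get-Acl -Path ("AD:\DC=$HostName," + $ZoneDN)
    [pscustomobject]@{ HostName = $HostName; Owner = $acl.Owner }
}

$aRecords | Select-Object -ExpandProperty HostName -Unique |
    ForEach-Object { Get-DnsRecordOwner -HostName $_ } |
    Format-Table -AutoSize
```

Run it with an account that can read the zone's AD objects; the ownership step is the one that answers "is this record from DHCP or from the machine itself" without scavenging, and the duplicate and mismatch lists give a concrete set of records to review before any cleanup.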
