Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies To: Windows Server 2008 R2, Windows Server 2012
This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Dynamic Host Configuration Protocol Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer (https://go.microsoft.com/fwlink/?LinkId=122786).
Operating System |
Windows Server 2008 R2, Windows Server 2012 |
Product/Feature |
Dynamic Host Configuration Protocol (DHCP) |
Severity |
Error |
Category |
Configuration |
Name protection has been enabled but the DNSupdateproxy group has not been secured.
Name protection may not work without the DNSupdateproxy group being secured.
Using dnscmd, set the OpenACLOnProxyUpdates to 0 to secure the DNSupdateproxygroup.
DNS update security is available only for zones that are integrated into Active Directory. After you integrate a zone, you can use the access control list (ACL) editing features that are available in the DNS snap-in to add or to remove users or groups from the ACL for a specific zone or for a resource record.
To perform the following procedures, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure.
Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
Click Yes if prompted by User Account Control, type dnscmd /config /OpenAclOnProxyUpdates 0 and then press ENTER.
For updated detailed IT pro information about DHCP, see the Windows Server 2008 R2 documentation on the Microsoft TechNet Web site.