DNS security - no computername$ record in dns records RRS feed

  • Question

  • Hello,

    I have the following problem with our dns servers.

    In the security tab on the dns records we don't have the computername$ entry in the ACL of all of our dns record.

    If I remove one of the records and I perform a ipconfig /registerdns on the server i deleted the record form the record is registered correctly but the computeraccount entry is not added to the ACL of the dns record.

    Currently the zone is configured to allow secure and none secure updates.

    ON a test domain i've tested to configure a zone with secure and none secure updates to but also on the test domain the computeraccount$ entry is allways added to the ACL even if secure and none secure is enabled on the zone.

    Can someone please explain me why the computer account is not being added to the ACL's of the DNS records?

    • Edited by Arjandv Saturday, September 29, 2018 8:05 PM
    Friday, September 28, 2018 1:37 PM

All replies

  • Hi,

    Please try the following threads with the similar situation as yours to see if it works.

    Computer account not added to DNS record

    Fix Dynamic DNS Record Permissions Automagically

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    In addition, I've conducted this test in my lab. In result of the same issue, computer$ didn't added to record ACL. Perhaps as above link mentioned, please check the emphasis point of DNS record in ADSI and computer SID.  

    Hope this helps. If you have any question or concern, please feel free to let me know. 

    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Monday, October 1, 2018 3:52 AM
  • Thanks for your reply.

    The first link is not working.

    the second link explains there is a script to modify the existing records.

    That is usefull but how can i make sure the  computer account is added to the records when it is created / modified?

    I allready removed one record and tried to re register the record but the account is not added to the acl even with a new server..

    What can be the cause of this?

    thanks for your help.

    Monday, October 1, 2018 12:07 PM