Only if you know with certainty that the updates get sent only to a local DNS server should you run the Dynamic DNS Updates service.
We use QIP as the enterprise DNS because we have alot of UNIX servers and workstations.
If you're running Samba as Active Directory Domain Controller, you also have to administer a DNS server.
However, in many cases when the DHCP and DNS configurations have inconsistencies, the LDNS may direct the DHCP client to a place outside the local scope, resulting in leakage of private DNS updates to the global network.
In the example shown above, the LDNS is not configured with a local zone for 168.192.
Similarly, steps 6-8 update the inverse mapping from the IP address to the domain name (type PTR RR).
In the correct setup, the LDNS should point the DHCP client to a domain name server (could be itself) inside the internal network.To administer DNS from a Windows client, you have to install the DNS MMC Snap-In.See Installing RSAT on Windows for AD Management for more details.While this service can reduce administrative overhead, it also can, and does, have deleterious effects on the larger Internet by leaking traffic regarding private IP addresses that should never leave the local area network.You do not need to disable dynamic DNS updates if: However, if you have configured your host to act as a DHCP client/server and you make use of the private IP address space (including 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) specified in RFC1918, you should turn off the dynamic DNS update feature.Although BIND is a grown up DNS and long in production on millions of servers, the Samba BIND DLZ module is still new.