Update security level

Specifies the security level for dynamic DNS updates.

To use this policy setting, click Enabled and then select one of the following values:

Unsecure followed by secure - computers send secure dynamic updates only when nonsecure dynamic updates are refused.

Only unsecure - computers send only nonsecure dynamic updates.

Only secure - computers send only secure dynamic updates.

If you enable this policy setting, computers that attempt to send dynamic DNS updates will use the security level that you specify in this policy setting.

If you disable this policy setting, or if you do not configure this policy setting, computers will use local settings. By default, DNS clients attempt to use unsecured dynamic update first. If an unsecured update is refused, clients try to use secure update.

Supported on: At least Windows Server 2003 operating systems or Windows XP Professional
Update security level:


  1. Only secure
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows NT\DNSClient
    Value NameUpdateSecurityLevel
    Value TypeREG_DWORD
    Value256
  2. Only unsecure
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows NT\DNSClient
    Value NameUpdateSecurityLevel
    Value TypeREG_DWORD
    Value16
  3. Unsecure followed by secure
    Registry HiveHKEY_LOCAL_MACHINE
    Registry PathSoftware\Policies\Microsoft\Windows NT\DNSClient
    Value NameUpdateSecurityLevel
    Value TypeREG_DWORD
    Value0


dnsclient.admx

Administrative Templates (Computers)

Administrative Templates (Users)