I have a very strange issue with two of our domain machines.
They are constantly sending dynamic DNS update traffic to all of our DCs. From the traces, it seems like the UNSECURED updates fail, as it should, but the secured update never kicks in, and insecure updates get retried indefinitely. To the tune of many every second
I tried to force secure only update on the client via GPO, nothing changes.
The strange part is, I've disabled Dynamic DNS update on the interfaces and globally on the client via the GPO, yet it's still sending packets.