FortiClient SSL VPN and dynamic updating Windows DNS entries issues

Hey all, running into issues where, when users log in via the FortiClient VPN, the DNS entries within the Windows DNS server aren’t keeping up with users logging on and off. This has created problems with other IT groups who are trying to track various actions back to the right users. Due to old DNS, they have been complaining that they can’t properly sort out who is doing what.

Outside of changing the time settings on the Windows DNS server, are there any settings within the FortiGate, or FortiClient/EMS, that will send a signal to the Windows DNS server to remove the entry? Or any other good workarounds for this issue?

You can configure an external DHCP server and handle address attribution there: https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-with-external-DHCP-Server/ta-p/215644

From there you can configure lease time and other settings to make sure the address overlap doesn’t happen. This is in theory; I’m actually working on something similar and would love input from someone who has it working.

Thanks for the suggestion, this snuck past me since I came in around 6.2 but glad they added this.