There isn't a group policy setting to do what you're trying to do-- you're going to have to use a script.
First, I'd recommend reviewing the "Explain" tab for the settings you described above. You'll see that none of the settings actually turn on the registration behaviour you're looking for.
Assuming your machines get DNS settings from DHCP, and assuming that you don't mind this setting set back to the stock setting on all their network interfaces, assign the following in a Startup Script to the affected computers:
for /f "usebackq tokens=3* delims= " %%i in (`netsh interface ip show dns ^| find "Configuration for interface"`) do netsh interface ip set dns name=%%j source=dhcp primary
That will set the DNS client to get its address from DHCP, and reset the stock registration setting on all network interfaces on a Windows XP machine.
(An aside: You ought to figure out how your users changed that setting in the first place and stop them. It sounds like you have people who have 'Administrator' rights who shouldn't.)
This could be due to a couple of different things:
1) Are your clients obtaining IPs via a Windows DHCP Server? If so, your DHCP server may not be configured to auto-register their IP with the DNS server.
To check, right-click your DHCP scope and go to properties. On the DNS tab enable DNS dynamic updates and set to "Always dynamically update..." Also enable Dynamic Update for clients that do not request updates.
1a) Even if these are enabled, you might need to make sure the DHCP server has permissions to update DNS records. If your DHCP server is also a domain controller, then you are probably fine, if not, then you may want to see if the DHCP server is a member of the "DnsUpdateProxy" group in AD. Then check the Security tab on the Reverse Zone and make sure that group is authorized to create all child objects (DNS records)
2) If your statically-configured hosts are not updating the reverse zone, make sure their NICs are configured to register their IP in DNS (Windows hosts are enabled for this by default). If they are in the forward zone but not the reverse, then something else is going on...
3) If the issue is that your reverse zones are mismatched between domain controllers (meaning a host was able to register with one of the DCs, but the registration did not get replicated to the others) it could mean the zones themselves aren't replicating between domain controllers. Make sure the reverse zone is AD-Integrated and also check the Zone Transfers tab and make sure they are allowed (generally Only to servers listed on the Name Servers tab). Also make sure your DNS server are listed on the Name Servers tab.
That's all I can think of for now...
EDIT
Ok so given that your DHCP server is not registering the records on behalf of the clients, and aside from your windows clients not being set to register with DNS on their NICs (which you should verify in TCP/IP properties on the client NIC), I would check the security settings on your reverse zone to make sure clients are allowed to register in the reverse zone. This article covers the default security settings for DNS zones: http://technet.microsoft.com/en-us/library/cc780538%28WS.10%29.aspx If the settings are jacked up (or even if they are fine), you might try just blowing away the reverse zone and recreating it since you basically have a non-functioning reverse zone as it is...
Try running an "ipconfig /registerdns" on one of the clients and see if it adds a record to the reverse zone. If it didn't, you might try looking in the DNS event log on the server to see if there are any issues there. I'm not sure if it would say whether or not a client failed to register or not, but may show you other issues with DNS if they exist.
Best Answer
The solution is checking
Use this connection's DNS suffix in DNS registrationin the TCP/IP settings of the network interface:As much as it may appear strange, this is the only solution to ensure Windows will register both the A and the PTR records for a DHCP network connection; otherwise, it will only register the A record.