Bizarre Vista DHCP/DNS Bug?

I administer a small (25-machine) Vista Business computer lab on a dedicated
Active Directory (2K3) domain at a university, and I have a baffling problem
that started a few weeks ago. (Nothing notable preceded its appearance.)
Sometimes, when the computers start up, their DNS servers are not set to what
the department's Linux DHCP server gives them (the IP of the lab's domain
server); instead, they get campus DNS servers. This causes serious issues
(such as preventing logons) because the campus servers know nothing about the
lab or its domain. Furthermore, my boss' laptop running Vista also has the
same problem (it gets the campus DNS servers instead of the department's).
No other computer in the department (the rest are 2000/XP) has seen this
issue, though most are statically assigned.

Note that this doesn't happen all the time, and when it does, it can be
consistently resolved by issuing an ipconfig /renew. (I.e., the DNS server
list will be correct after the renew.) But, it sometimes reverts back to the
campus servers after a while (usually between 30 minutes and overnight, but I
saw one instance during a WDS install that it reverted almost immediately).

I know what you're thinking: there's something wrong with the DHCP server,
or there's a rogue DHCP server on the network. That's what I thought, too.
The problem with this theory is that I've sniffed the network traffic using
Wireshark, and all the DHCP traffic is exactly as it should be -- no offers
besides that of the Linux machine, and that offer contains the proper DNS
server list! There is no traffic mentioning the campus DNS servers at all,
except a few queries/responses to/from those servers by unrelated machines.

I'm at my wit's end here. Because of the serious problems the wrong DNS
settings are causing, I've started having to statically force the DNS
addresses on the machines (including configuring it statically in the WDS
unattended answer file, since otherwise the domain join and other synchronous
commands using the server fail).

Has anybody seen this? The only postings I can find that are remotely
relevant discuss the DHCP broadcast flag, but that doesn't seem to be the
problem, since we can get DHCP responses just fine. One post (sorry, can't
find it now) I saw described a problem similar to this, where Vista machines
were getting the address of the DNS server's forwarders, but the thread
provided no solution.

Any ideas? I'd run a Windows DHCP server on the domain controller to see if
that helps, but my boss doesn't want to give me control over the lab's IP

Thanks for your help!
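
The capture check described in the post (no offers from any other server, and the proper DNS list in the offer), written as an added example that is not part of the original post. It assumes the DHCP messages have already been extracted from the capture as raw UDP payloads; the function names and the sample addresses are constructed for illustration.

```python
import ipaddress

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
OFFER, ACK = 2, 5             # values of option 53 (DHCP message type)

def parse_options(payload: bytes) -> dict:
    """Return {option code: raw value} for one DHCP message (the UDP payload)."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:      # 255 = end option
        if payload[i] == 0:                            # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        opts[code] = opts.get(code, b"") + payload[i + 2:i + 2 + length]  # repeats concatenate
        i += 2 + length
    return opts

def ips(raw: bytes) -> list:
    """Decode a packed run of IPv4 addresses (options 6 and 54)."""
    return [str(ipaddress.IPv4Address(raw[j:j + 4])) for j in range(0, len(raw) - len(raw) % 4, 4)]

def audit(payloads, expected_server, expected_dns):
    """List every OFFER/ACK whose server id or DNS list differs from what is expected."""
    findings = []
    for n, payload in enumerate(payloads):
        o = parse_options(payload)
        if (o.get(53) or b"\x00")[0] not in (OFFER, ACK):
            continue
        if ips(o.get(54, b"")) != [expected_server]:
            findings.append((n, "unexpected server", ips(o.get(54, b""))))
        if ips(o.get(6, b"")) != list(expected_dns):
            findings.append((n, "unexpected DNS list", ips(o.get(6, b""))))
    return findings

def build(msg_type, server, dns):
    """Construct a minimal DHCP payload for the sample below (zeroed BOOTP header)."""
    pack = lambda addrs: b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    opt = lambda code, value: bytes([code, len(value)]) + value
    return bytes(236) + MAGIC + opt(53, bytes([msg_type])) + opt(54, pack([server])) + opt(6, pack(dns)) + b"\xff"

# Constructed sample: documentation-range addresses, not values from the post.
SERVER, DNS = "192.0.2.10", ["192.0.2.20"]
SAMPLE = [build(OFFER, SERVER, DNS), build(ACK, SERVER, DNS), build(ACK, "192.0.2.99", ["198.51.100.1", "198.51.100.2"])]
print(audit(SAMPLE, SERVER, DNS))
```

An empty list corresponds to what the post reports from the capture: only the expected server answering, with the proper DNS list.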