?
Solved

AD Win 2000 DNS suffix search

Posted on 2004-04-15
6
Medium Priority
?
379 Views
Last Modified: 2010-05-18
Does Windows 2000 AD DC have a group policy setting for providing clients with the DNS suffice search order for a domain tree that has more than one child domain.  The clients must be able to resolve names in other domains besides the local and parent ie abc.mydomain.com, def.mydomain.com, ghi.mydomain.com and mydomain.com
0
Comment
Question by:eggwhisk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 10831220
eggwhisk
Yup, Set the following machine policy:
Administrative Templates\Network\DNS Client - DNS Suffix Search List

The entries are seperated by commas thus: abc.mydomain.com,def.mydomain.com,ghi.mydomain.com

Cheers

JamesDS
0
 

Author Comment

by:eggwhisk
ID: 10831259
Hi JamesDS
Thanks very much for the info.  However I am new to AD and although I can find the Administrative Templates\Network there is no DNS client entry to configure.  I guess I need to create it?  If so can you advise how please?  Also is it normally entered under user or machine config?
Thanks a lot
eggwhisk
0
 

Author Comment

by:eggwhisk
ID: 10831293
JamesDS

OK I have read how to add the templete, but I am not sure which one to use, does it matter please?  Also is it normally entered under user or machine config?
Thanks a lot
eggwhisk
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 16

Expert Comment

by:JamesDS
ID: 10831366
eggwhisk

This is a machine policy, so it is entered under machine config
The template you want is SYSTEM.ADM

However, I have just rechecked my facts and this setting may not be available and may not work on Windows 2000. If it doesn't work then i'm afraid there is no way of doing this with a GPO on Windows 2000.

Cheers

JamesDS
0
 

Author Comment

by:eggwhisk
ID: 10831412
Hi JamesDS

The setting is available in 2003 GPO, but the system.adm under 2K does not have this setting.  However I have read that you can add it via a reg key as follows:

"save it as tcpip.adm either into your %systemroot%\inf folder or wherever you want to save it, then add it to your administrative templates in the Group Policy MMC. Make sure to uncheck "Show Group Policies only" in the "View" menu (when "Administrative Templates" is highlighted), as this is not a "Group Policy" but a "Preferred Setting"; it will not revert back to the original setting if you remove the "policy". Don't set this policy to "disabled". Test it before you apply it in earnest."
Trouble is it doe snot make sense top me.  Can you deduce "what" should be saved as in the .reg key.  I would like to understand how to do this.
Thanks a lot in advance
eggwhisk
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 375 total points
ID: 10831440
eggwhisk

that doesn't make much sense to me either!

However, the reg entry is here:
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient - SearchList

Is that what you were after?

Cheers

JamesDS
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question