jskfan
asked on
Search the record in DNS
I would like to know if there is a way to find where the record for a specified DNS hoset is located.
When I use <Nslookup computername>, it gives me the server where the host is, it also gives me the IP address of the host. But it doesn't give me which container it s located.
I will have to expand all the containers in DNS in order to find it.
Any better way to search and find where a certain record is located?
Thanks
When I use <Nslookup computername>, it gives me the server where the host is, it also gives me the IP address of the host. But it doesn't give me which container it s located.
I will have to expand all the containers in DNS in order to find it.
Any better way to search and find where a certain record is located?
Thanks
ASKER
I have a DNS zone Mydomain.com, it has many containers under
I was trying to look for a record of a server1
I typed <NSLookup computer name>
I got:
Server:DC.Mydomain.com
address: 10.1.1.10
Name: server1
address: 10.1.1.99
when I wnet to DNS and clicked on the Mydomain.com zone, I didn't see the record for server1
I had to expand every container under the Mydomain.com zone(which is AD Integrated zone), then I found it under a container named Dev. I am not sure what this Dev container is, is it a child domain? how can I tell? is there an option in NSlookup that tells exactly where a certain record is ?
Thanks
I was trying to look for a record of a server1
I typed <NSLookup computer name>
I got:
Server:DC.Mydomain.com
address: 10.1.1.10
Name: server1
address: 10.1.1.99
when I wnet to DNS and clicked on the Mydomain.com zone, I didn't see the record for server1
I had to expand every container under the Mydomain.com zone(which is AD Integrated zone), then I found it under a container named Dev. I am not sure what this Dev container is, is it a child domain? how can I tell? is there an option in NSlookup that tells exactly where a certain record is ?
Thanks
Any subcontainer below any forward lookup zone is a subdomain of the main domain. In your case, records within the 'Dev' container would give the format <record>.dev.domain.com.
If you simply searched for 'server1', the client workstation you were searching from would have appended a DNS suffix to that server. Run an ipconfig /all at the workstation you were searching from, then note the entries in the DNS Suffix Search List. Each of those would have been appended to the server name in turn, prior to the query being sent to the DNS server.
-Matt
ASKER
<<Run an ipconfig /all at the workstation you were searching from, then note the entries in the DNS Suffix Search List.>>>
so I wil have to call the user to run ipconfig /all ??
is there any way to do it through NSLookup or any other command.??
so I wil have to call the user to run ipconfig /all ??
is there any way to do it through NSLookup or any other command.??
You cannot check the DNS Suffix List using NSLookup. It is machine-specific, although on an Active Directory domain, it will generally contain the Active Directory domain by default (and it will search all parent domains).
-Matt
ASKER
what do you use to find the location of a host record in DNS, other than useing Ipconfig /all in the workstation you are looking for?
Sorry, but you're confused. The ipconfig /all approach is used to determine the host headers which are applied to a client PC. The host header is what is appended to a DNS query before it is submitted to the DNS server; DNS would NEVER respond to just nslookup server1, the system has to silently append '.domain.com' to the server1 query in order to get a successful result. The Host Header list simply defines the (list of) domain(s) which are appended automatically, to save you entering .domain.com each time.
nslookup is the tool to use to locate a record in DNS. With a little understanding of the DNS system, you can then use the result returned to identify the path to the record in DNS.
For example, a search for 'server1' with a positive match will indicate the record is located in the root of the appropriate Forward Lookup Zone, whereas a search for server1.subdomain would indicate the record is in the 'subdomain' container within your domain's Forward lookup zone.
-Matt
ASKER
If I understand in order to find the location of the record of certain host in DNS, you ping it's Netbios name(computername). you get its IP address, then you ping it's IP address with "-a" you will get computername.XXXX.YYYY.com
This is in case you cannot go physically to the host and run ipconfig /all
Correct?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I tried NSLookup with computername, it gave me computername.parentdomain. com, it should have given me computername.subdomain.par entdomain.
but when I ping <Ping -a IPaddress> it gives me the right suffix computername.subdomain.par entdomain. com
but when I ping <Ping -a IPaddress> it gives me the right suffix computername.subdomain.par
An NSLookup of simply 'computername' which returns computername.domain.com indicates there is a computer by that domain in the Parent domain. If DNS returns that path explicitly, the record *must* be in the parent zone.
Doing a ping -a of the computer name essentially performs a reverse DNS lookup on the computer's IP address. While that particular computer's Reverse DNS may be computername.subdomain.par
-Matt
Hey,
On an Active Directory domain, the DNS records for workstations will be in one location and one location anyway - Forward Lookup Zones, (your domain name). ALL the DNS records will be contained there.
If there is any subfolders, you will see this in the DNS name. For example, assuming domain.com is the Active Directory domain, the record server.host.domain.com will be located within the 'host' subfolder of the domain.com forward lookup zone.
-Matt