Solved

Cannot access dynamic IP hosts by hostname in Windows domain

Posted on 2010-08-18
Last Modified: 2012-05-10
I have a Windows SBS 2008 domain controller. This SBS server is also the domain DNS server and DHCP server. A few of the hosts in the domain have static IPs, but most are dynamic. There is one Linux host in the LAN. It also points to the SBS server as the primary DNS server.

Windows workstations in the domain can resolve DHCP clients by name. The Linux host cannot. Why? Is there something else I have to set/configure on either the SBS Server or the Linux host to resolve by name on the Linux host?
Question by:jmarkfoley
13 Comments
 
LVL 25

Expert Comment

by:DrDave242
ID: 33469875
Do you get the same results when you try to resolve the FQDN of a workstation as you do when you try to resolve just the hostname?
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33470127
For example:

PING IP:
----------

ping 192.168.0.33
PING 192.168.0.33 (192.168.0.33) 56(84) bytes of data.
64 bytes from 192.168.0.33: icmp_seq=1 ttl=64 time=4.10 ms
64 bytes from 192.168.0.33: icmp_seq=2 ttl=64 time=0.136 ms
64 bytes from 192.168.0.33: icmp_seq=3 ttl=64 time=0.145 ms

PING HOSTNAME:
----------------------
> ping OHPRSSTORAGE
ping: unknown host OHPRSSTORAGE

PING Windows Domain:
------------------------------

> ping OHPRSSTORAGE.hprs.local
ping: unknown host OHPRSSTORAGE.hprs.local

PING FQDN:
--------------

> ping OHPRSSTORAGE.ohprs.org
ping: unknown host OHPRSSTORAGE.ohprs.org

but, "smbmount //OHPRSSTORAGE/Backups /mnt/web" works.

0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 33472289
Just as a matter of terminology, FQDN means Fully Qualified Domain Name. So <machine>.hprs.local is also an FQDN. One is public, the other is private, but both are fully qualified.
So, with that in mind, it appears as though your Linux host is not pointing to your internal DNS servers (at least SBS, and others if you have them) thus it is not able to perform lookups for internal domain names.
smbmount works because it is falling back to NetBIOS to find the IP, but ping (on Linux) does not perform this fallback.
ifconfig and dig will be your friends here.
-Cliff
 
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33488520
> Just as a matter of terminology ...

Yes, I know. I just thought I'd use that term specifically for the Internet visible domain, not the Windows lan domain. My mistake.

The Linux host is only using the SBS server as its DNS server. It can resolve extra-lan domains like yahoo.com, but not intra-lan hosts.

I'm not very familiar with dig. I tried it, but I don't understand the output. I've included it below. The local host is common.hprs.local (or just common, I've tried it both ways).
> dig @192.168.0.2 common.hprs.local any

; <<>> DiG 9.4.1 <<>> @192.168.0.2 common.hprs.local any
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15330
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;common.hprs.local.             IN      ANY

;; AUTHORITY SECTION:
hprs.local.             3600    IN      SOA     mail.hprs.local. hostmaster.hprs.local. 174 900 600 86400 3600

;; Query time: 0 msec
;; SERVER: 192.168.0.2#53(192.168.0.2)
;; WHEN: Fri Aug 20 15:48:29 2010
;; MSG SIZE  rcvd: 97

0
 
LVL 25

Expert Comment

by:DrDave242
ID: 33488585
That's interesting.  You got an NXDOMAIN response, meaning that it didn't find the host record for common.hprs.local.  It did return the hprs.local SOA record, though, so the server did receive the query and respond to it.

If you look in the DNS console on the SBS server, does it look normal?  Do you have the correct forward lookup zone(s)?  There should be at least one for hprs.local, and there may be another one for _msdcs.hprs.local, or it may exist as a folder inside the hprs.local zone.  Inside the hprs.local zone, are there host records for the machines in the domain?
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33489236
OK, first of all, I'm an idiot. The hostname was common1, not common. When I did the dig on common1.hprs.local, I got the IP. As for the DNS console, things look OK there.

Now, common1.hprs.local is the "normal" case, being a Windows workstation. The device I really want to connect to is that network attached storage device I discussed in post 33470127. Its name is OHPRSSTORAGE. I can get to it via samba as //OHPRSSTORAGE, as I said. I cannot seem to get to it from the Linux box like I can with common1. I have the dig for that shown below.

Maybe it is not part of the hprs.local domain? I tried dig'ing ohprsstorage.workgroup and ohprsstorage.workgroup.local, but the results look pretty much the same.

nslookup common1.hprs.local works

No nslookup combination I tried for ohprsstorage works. Yet, ohprsstorage gets a DHCP IP from the SBS server, like all the other workstations.

?????

I don't think it's part of the hprs.local domain. When I browse my network places, it comes up under
> dig @192.168.0.2 ohprsstorage.hprs.local any

; <<>> DiG 9.4.1 <<>> @192.168.0.2 ohprsstorage.hprs.local any
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23364
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ohprsstorage.hprs.local.       IN      ANY

;; AUTHORITY SECTION:
hprs.local.             3600    IN      SOA     mail.hprs.local. hostmaster.hprs.local. 176 900 600 86400 3600

;; Query time: 1 msec
;; SERVER: 192.168.0.2#53(192.168.0.2)
;; WHEN: Fri Aug 20 17:24:44 2010
;; MSG SIZE  rcvd: 103

0
LVL 25

Expert Comment

by:DrDave242
ID: 33489358
Does OHPRSSTORAGE have a host record in the hprs.local zone?  I'm guessing not, since dig shows another NXDOMAIN response.  It also appears that OHPRSSTORAGE does not have the ability to register its own host record in DNS.  This will happen if it's not a member of the domain and the hprs.local zone is configured for secure dynamic updates only (which it should be), because OHPRSSTORAGE won't be able to authenticate with AD.

You've got a couple of options.  If it's possible to join OHPRSSTORAGE to the domain, that's probably the best solution.  If it isn't possible, then you can either manually create a host record for it in DNS (in which case you'll need to make sure that its IP address won't change, either by giving it a static address or creating a reservation for it in DHCP) or configure DHCP to register a host record for it.  You can do this by following the steps here:

http://technet.microsoft.com/en-us/library/cc757445%28WS.10%29.aspx

Note:  You will need to set the primary DNS suffix (hprs.local) on OHPRSSTORAGE before its host record can be correctly registered.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33489616
OK, I will explore those options and get back ASAP
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33544696
Sorry to be away from the question for so long. Results:

The NAS device did have options to join it to the domain, but after doing all the config, it didn't appear to work. I couldn't see the device as a domain host. Not surprised, I think the whole SBS 2008 //connectcomputer thing performs all kinds of magic that the Iomega NAS probably doesn't get right. Anyway, I had to create a NAS-local user and password, enable security, specify the domain controller user, etc. WAY too much configuration just to use DHCP. So, I decided to give it a static IP and keep life simple.

But, it's not quite simple enough. I added the "A" record in the SBS Server DNS. Now the Linux box can find it by name. However, I have to specify the FQDN as ohprsstorage.hprs.local. If I just reference it by its machine name: ohprsstorage, I can't see it.

How do I fix this? Do I need a CNAME record in the SBS Server DNS to create an alias name? Can I do this at all? The Linux domain is not hprs.local; it's ohprs.org - which is the public domain for the system.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 33546478
You can add domain names to be searched to the resolv.conf file. DNS requires FQDNs, this is true on Windows and Linux. When you search for a short machine name, DNS clients use configuration information they have to append domain names to the short name and perform their search.
By default, Windows DHCP server sets an option on the scope to have Windows DNS clients use the local FQDN, so that is why this feature works so well in Windows. For Linux, you need to replicate that functionality, and the most common way to do so is with resolv.conf, which controls many aspects of the DNS client on most Linux distributions.
Hope that helps,
-Cliff
 
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33586270
Once again, sorry to take so long getting back to this question.

Cliff: I do have the WinSBS host in the Linux resolv.conf, and I can now find the desired machine name with the FQDN: ohprsstorage.hprs.local. That's working fine. My question is, is there some way to configure something somewhere that will let me refer to this host just by its hostname, e.g. //ohprsstorage/sharename instead of //ohprsstorage.hprs.local/sharename?

I could do this in my /etc/hosts file, but I would need to specify the IP, which is what I am trying to get away from. I thought of putting one NIC on the local domain and the other on the public domain (which is what the firewall enforces anyway), but I'm not sure how to do that. Maybe it's not worth the effort to save a few keystrokes?

Thoughts?
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 33586394
jmarkfoley: My answer is still the same, resolv.conf. That conf file has many options, one of which is the "default" domain suffix. Once configured properly, anytime you issue a command with a hostname only, it will append that DNS suffix automatically. This is actually how Windows works as well (unless you are using WINS) and you can see the setting on the IP configuration, advanced, DNS tab. In most cases this is set by a DHCP server so it is transparent. But on Linux it is more common to need to manually add the default domain name.
HTH,
-Cliff
 
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 33688132
You are right! Simple. The resolv.conf entry is:

domain hprs.local

Works like a charm. Thanks.
0
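
How the fix in this thread works, as an added example that is not part of any post: a simplified Python model of the stub resolver's search-list handling described in resolv.conf(5), showing which FQDNs a short name is expanded to before and after adding the `domain` line. The resolv.conf contents are constructed, and the Linux host name `linuxbox.ohprs.org` is a hypothetical stand-in (the thread only says the Linux domain is ohprs.org).

```python
# Constructed resolv.conf contents; 192.168.0.2 is the DNS server queried in the thread.
BEFORE = "nameserver 192.168.0.2\n"
AFTER = "nameserver 192.168.0.2\ndomain hprs.local\n"
LINUX_HOST = "linuxbox.ohprs.org"  # hypothetical name for the Linux host


def parse_resolv_conf(text, host_fqdn=""):
    """Return (search_list, ndots) from resolv.conf text, per resolv.conf(5)."""
    search, ndots = None, 1
    for raw in text.splitlines():
        if not raw.strip() or raw[0] in "#;":  # blank line or comment
            continue
        keyword, *args = raw.split()
        if keyword == "domain" and args:
            search = [args[0]]  # acts as a one-entry search list
        elif keyword == "search" and args:
            search = args  # the last domain/search line wins
        elif keyword == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt[6:])
    if search is None:
        # No domain/search line: fall back to the part of the host's own
        # name after the first dot.
        _, _, parent = host_fqdn.partition(".")
        search = [parent] if parent else []
    return [d.rstrip(".").lower() for d in search], ndots


def candidates(name, search, ndots=1):
    """FQDNs the resolver queries for `name`, in order."""
    if name.endswith("."):  # trailing dot: absolute name, no expansion
        return [name.rstrip(".").lower()]
    name = name.lower()
    expanded = [f"{name}.{d}" for d in search]
    # Names with at least `ndots` dots are tried as typed first.
    return [name] + expanded if name.count(".") >= ndots else expanded + [name]


def lookup_order(name, conf_text, host_fqdn=LINUX_HOST):
    search, ndots = parse_resolv_conf(conf_text, host_fqdn)
    return candidates(name, search, ndots)


if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        print(label, lookup_order("ohprsstorage", conf))
    print("fqdn", lookup_order("ohprsstorage.hprs.local", AFTER))
```

Without the `domain` line the short name is only ever asked for under ohprs.org, which the internal zone does not serve; with it, the first query is for ohprsstorage.hprs.local, the A record created earlier in the thread.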
