DHPBilcare
asked on
Resoving Hostnames across multiple domains to IP via Group Policy
I’ve set up a group policy that distributes a DNS Suffix Search List including the domain names (domain1, domain2) that I wish to resolve by hostname only.
I’ve done that in Group Policy:
Computer Configuration\Administrati ve Templates\Networking\DNS Client.
However from a standard network PC I still cannot resolve hostnames to IP that are in Domain 2.
I’m relatively new to group policy is there something obvious I’m missing?
I’ve done that in Group Policy:
Computer Configuration\Administrati
However from a standard network PC I still cannot resolve hostnames to IP that are in Domain 2.
I’m relatively new to group policy is there something obvious I’m missing?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
where have you assigned the group policy too? it needs to be applied to the computers OU not the users ou. you can use gpresult /h to find out if the policy is applying.
First thing to do would be to take a PC and set the DNS Suffix Search list manually, and see if that works.
If it does, you need to troubleshoot the group policy, or the application or group policy.
If it doesn't, you need to resolve a DNS problem.
If it does, you need to troubleshoot the group policy, or the application or group policy.
If it doesn't, you need to resolve a DNS problem.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I manually entered the DNS suffix search list on a client and it then worked fine. Although when I then removed the entries and restarted it still worked?? Ipconfig /all then showed both domains in the search list which wasnt there previously despite the group policy. Other PC's are still not picking up the Group Policy.
I've entered the group policy under the Default Group Policy of my domain,
I've entered the group policy under the Default Group Policy of my domain,
ASKER
How do I link this policy to computers OU?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for that.
I went to one of the PC's, run rsop.msc, expanded the tree to the group policy in question. There was an egg timer for a minute or so. All appeared correct so I opened the command prompt to test and it worked??
Will I have to do this for all the PC's in question? Or is the new group policy simply taking a while to filter around the network. We have a couple of hundred PC's.
I went to one of the PC's, run rsop.msc, expanded the tree to the group policy in question. There was an egg timer for a minute or so. All appeared correct so I opened the command prompt to test and it worked??
Will I have to do this for all the PC's in question? Or is the new group policy simply taking a while to filter around the network. We have a couple of hundred PC's.
No, not at all. How long ago did you set the list? The change won't apply immediately.
Chris
ASKER
I applied the change yesterday, late afternoon.
Will this take a day or two to propogate to the whole network? I dont fancy running around 240 pc's if I can help it.
Will this take a day or two to propogate to the whole network? I dont fancy running around 240 pc's if I can help it.
No it should be in by now. Check a few more and see if they see the policy change?
Chris
@ Chris
Why isn't the intended result covered in DNS? I thought DNS resolved the FQDN to an IP address?.. and you can set up a trust or zone transfers to provide resolution to clients that the server is not actually authoritative for.
Maybe I am missing something, but it appears DNS already has the desired effect the author is wishing for. So, I was wondering if you are reinventing the wheel.
Why isn't the intended result covered in DNS? I thought DNS resolved the FQDN to an IP address?.. and you can set up a trust or zone transfers to provide resolution to clients that the server is not actually authoritative for.
Maybe I am missing something, but it appears DNS already has the desired effect the author is wishing for. So, I was wondering if you are reinventing the wheel.
DNS does resolve the FQDN, but we're talking about resolution of a Hostname only, which must be converted into an FQDN using the DNS Suffix Search List prior to submission to the DNS server.
Otherwise you need GlobalNames, and that's 2008+ only.
Chris
ASKER
Not obvous why but the policy is coming through. It does seem that for a few computers it doesnt take first time. Thanks for the comments.