Solved

Having problem in multiple DNZ zone resolution in domain FQDN ?

Posted on 2011-09-06
8
376 Views
Last Modified: 2012-06-27
Hi,

I am having problem in multiple DNS resolution on my Windows AD domain with multiple DNS zones.

The domain I have:
domain.com - Unix BIND server primary (this is our email domain as well) managed by Solaris server
domainAD.com - AD domain name and the domainAD.com is managed by Windows AD-DNS integrated

Solaris DNS server which holds domain.com primary zone can transfer the data into the Domain Controllers which host the domain.com as secondary and domainAD.com as the primary.

I cannot ping server1 but with server1.domainAD.com works fine (server1 is Windows Server 2003/2008 domain joined)

I don't know why I must include the FQDN for every query and servername that I type otherwise it won't resolve to the proper IP
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489283
Where are you trying to ping from?
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 36489371
from the Windows domain it failed

as well as the linux/solaris server --> but this doesn't really matter as solaris machine must type FQDN anyway to get to windows.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36489437
Post ipconfig /all from the Windows box.

Make sure you have DNS Suffix listed
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 36489593
In order to be able to ping via just the host name, you will need both domain.com and domainAD.com in the DNS suffix search list. Under Unix it is managed in /etc/resolve.conf. You can add domain.com as a search suffix using group policies for your Windows machines.
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 500 total points
ID: 36491013
Sorry, it's /etc/resolv.conf for Unix.

Article ID: 294785 - Last Review: February 17, 2009 - Revision: 9.0
New group policies for DNS in Windows Server 2003
http://support.microsoft.com/kb/294785

These group policies are at the following location:
Computer Configuration/Administrative Templates/Network/DNS Client

...
"DNS Suffix Search List
This setting determines which DNS suffixes to attach to an unqualified single-label name before you submit a DNS query for that name. An unqualified single-label name contains no dots, for example "example". This name is different from a fully qualified domain name (FQDN), for example "example.microsoft.com".

With this setting is enabled, when a user submits a query for a single-label name, such as "example", a local DNS client attaches a suffix, such as "microsoft.com". As a result, the query is changed to "example.microsoft.com" before the query is sent to a DNS server.

If you enable the DNS Suffix Search List setting, you can specify the DNS suffixes to attach before the query for an unqualified single-label name is submitted. The values of the DNS suffixes in this setting may be set using comma-separated strings, such as "microsoft.com,serverua.microsoft.com,office.microsoft.com". One DNS suffix is attached for each submission of a query. If a query is unsuccessful, a new DNS suffix is added in place of the failed suffix, and this new query is submitted. The values are used in the order they appear in the string, starting with the left value and preceding to the right.

If you enable this setting, you must specify at least one suffix. If you disable this setting, then the primary DNS suffix and network connection-specific DNS suffixes are appended to the unqualified queries. If this setting is not configured, then it is not applied to any computers and computers use their local configuration. The value of this policy may be set to the comma-separated strings of DNS suffixes. If the policy is enabled there must be at least one DNS suffix specified.

The value of this policy may be set to the comma-separated strings of DNS suffixes. Do not use spaces between the comma-separated DNS suffixes. If you add spaces, only the first DNS suffix will be applied. "

...
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 36587938
ok, it seems if the Windows DNS is hosting multiple zones no matter what, FQDN is a must to resolve properly.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 36589064
Windows 2008 DNS servers have the ability to resolve unqualified queries using a new zone called GlobalNames, but all entries must be static, so you couldn't pull the zone information from BIND.

You may want to check it out.
http://www.petri.co.il/windows-DNS-globalnames-zone.htm
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 36590980
ah that sounds cool Kevin. But having to update the entry manually is too much overhead of course.

Thanks for the suggestion.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question