?
Solved

Advanced TCP/IP settings (DNS related)

Posted on 2013-02-05
3
Medium Priority
?
468 Views
Last Modified: 2013-02-28
Hi

I was looking at the Advanced TCP/IP settings for a Windows 2008 Server and had some questions.

We have a multi-forest/multi-domain environment. The application server is based in a forest (one domain) named Production.mydomain.com

We also have other forests named UAT.uatdomain.com and Dev.devdomain.com

The application and its clients are all based in Production.mydomain.com, however test machines from the other domains may occasionally make connections to the server.

Under DNS, there is "Append Primary and connection specific DNS suffixes". What effect does entering domains in here have? I was going to add only production.mydomain.com and also have "DNS Suffix for this connection:" set to the same. Will this have an effect on clients connecting from other forests?

I can surely add them, but I just wanted to be sure of the logic behind this.

Thanks for any assistance
0
Comment
Question by:cpancamo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 38856889
It means when your clients look for host names and use the various suffixes.

You look for the machine test

It will use test.domain.com  

test.suffix2.com
test.suffix3.com
etc....

It should not affect clients from other forests.

Thanks

Mike
0
 

Author Comment

by:cpancamo
ID: 38857040
Thanks Mike.

So if the server has no need to initiate a connection to a device in another forest, there is no need to have the other forests listed?

How about web browsing? We may need to connect to https://download1.UAT.uatdomain.com for instance to download a package. Since we are specifying the full FQDN in the HTTP string, this shouldn't make a difference, right?

In fact, that setting only affects connections where the FQDN is not included?
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 38858063
Hey Mike - how have you been? Please drop me a line at my email address [ nirmal_sharma @ mvps.org ]

HTTP traffic is again send to DNS Servers you have configured locally PLUS the logic as stated by Mike above.

>>>In fact, that setting only affects connections where the FQDN is not included?
True. DNS Resolver follows a logic in which it checks to see if name supplied for resolution is a flat name or FQDN.

Sys
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question