Solved

Trying to perform short name name resolution for a subdomain

Posted on 2013-11-01
3
708 Views
Last Modified: 2014-01-02
A few members of my team are trying to address a use case where a user can type in the short name of server such as host1 and have it properly resolve to the FQDN/IP.  They do not want to use domain suffix at the client side.  Here is what they are trying to do exactly ---

ping host1 and get the IP address back as it is listed in lab.domain.com

host1.lab.domain.com exist in a zone on the DNS server and there is another primary zone of domain.com as well.

The client host has a FQDN of client.domain.com and the client uses the DNS server that is authorative for domain.com as well as lab.domain.com.

host1 lives in the lab.domain.com zone only.  Without using domain suffix at the client side, it would stand to reason to me that if the client where to try ping host1 from the command line that they would not get resolution.  If they used just domain.com as the suffix still nothing and finally if they included domain suffix lab.domain.com they would get a resolution.

My teammates believe they can achieve the level of functionality by eliminating domain suffix on the NIC and then using stubzones or secondary zones - their efforts have been unsuccessful.   I personally think they cannot get this done using those methods and would instead have to use suffix at the client side -- unless they wanted to hack BIND --- which is not what we are using.  This is a Windows DNS environment.

Can anyone offer any correction to my thinking and a possible resolution to provide the level of functionality desired.

Thanks,

Scott
0
Comment
Question by:BladesAway
  • 2
3 Comments
 
LVL 5

Assisted Solution

by:alicain
alicain earned 250 total points
Comment Utility
As you alluded, perhaps the easiest way to do achieve this this is with an additional search suffix on the DNS tab of TCPIP settings on the clients network connection.  

In "Append these DNS suffixes" place:
domain.com
lab.domain.com

The resolver on the client will first attempt to resolved in domain.com and if/when that fails, it will go on to append lab.domain.com

You could also do this from the DNS server side by configuring selective forwarding to forward all requests to "lab.domain.com" to the DNS server that is authoritative for that zone.

Regards,
Alastair.
0
 
LVL 5

Expert Comment

by:alicain
Comment Utility
and of course I should have included: that depending on the environment, it would be possible to create a delegation in domain.com for the zone lab.domain.com and which would allow names to be resolved via recursion.

But that may or may not be possible, for example if you want to maintain some separation between the environments, e.g. between production and lab networks.
0
 
LVL 39

Accepted Solution

by:
footech earned 250 total points
Comment Utility
I see only two ways that this would be possible.

The first is as alicain mentioned, which is for the client to append the correct DNS suffix.  This could be configured through Group Policy or even DHCP option.  Configuring forwarders or delegation would have no effect though, at least not without the proper DNS suffix at the client.  A couple reasons - 1) you mentioned that the DNS server is authoritative for both zones, so the query would never be forwarded on to another server, and; 2) even if the DNS server that is initially queried is only authoritative for the domain.com zone, unless the client made a query for host1.lab.domain.com, the server is never going to send the query on to another server.  One last thing about DNS suffixes - if the primary DNS suffix is lab.domain.com, with DNS devolution the client (if I remember right this is enabled by default in Win7+)  will automatically first query for host1.lab.domain.com and then (assuming it didn't get a hit), query for host1.domain.com.

The second way would be through the use of NetBIOS name resolution or WINS.  This means that the hostname would have to be unique in the environment.  You couldn't have both host1.domain.com and host1.lab.domain.com and expect it to work.  Essentially this is taking the DNS suffix completely out of the equation.

I know I said earlier that I see only two ways, but there are other, more manual methods that you could use for small numbers of hosts that you want it to work.  If all you care is that a query reaches the right IP, if you create an A record for host1 in the domain.com zone that points to the IP of host1.lab.domain.com it will work.  Also, you could create a CNAME record for host1 in the domain.com zone and point it at host1.lab.domain.com.

EDIT:  I wanted to mention one other option, that is similar to the NetBIOS/WINS option, but uses DNS.  If your DNS servers are 2008+, you can set up a GlobalNames zone and configure records in there.  This would be a manual process as well where you configure CNAME records in the zone for the resources desired.
http://technet.microsoft.com/en-us/library/cc816610(v=ws.10).aspx
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now