Solved

DNS Resolution

Posted on 2013-11-19
5
307 Views
Last Modified: 2013-11-19
Hello,

We have a 2-way Active Directory transitive trust between our domain and a partner's domain.  Both domains have DNS integrated.  When we try to ping a server/workstation on the partner's domain by ONLY their hostname, it does not resolve.  However, if we try to ping using their FQDNs, it pings just fine.  Is this the expected behavior of AD DNS?  If so, is there any way to configure AD DNS so that we'd be able to ping hosts on the trusted domain by only their hostnames?  Thank you.
0
Comment
Question by:Techop09
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660352
Yes -- That  is the expected behavior.  You can add DNs suffixes in the Advance TCP/IP DNS tab on systems that have a static IP assignment.  

You can also do this in DHCP:

1.Open DHCP. (To open DHCP, click Start, point to Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.)
2. In the console tree, click the applicable DHCP server.
3. On the Action menu, click Set Predefined Options.
4. In Predefined Options and Values, click Add (Option Class Standard), and then click OK.
5. In Name, type the string DNS Search List.
6. Set Code to 119 and Data Type string (it is not an array), and then click OK.
7. Right-click Scope Options, select Configure Options, and then check 119 DNS Search List.
8. Enter a list of domain suffixes in your organization, delimited by a semicolon (for example, contoso.com;dev.contoso.com;corp.microsoft.com).
9. Click OK.
(Copied from http://technet.microsoft.com/en-us/library/dd572752(v=office.13).aspx)

Tom
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39660356
Yes that is expected behavior, you can add the DNS suffix to your search list.   Lots of good articles on that, one example below  

http://www.techrepublic.com/blog/the-enterprise-cloud/manage-dns-suffix-configuration-through-group-policy/

Thanks

Mike
0
 

Author Comment

by:Techop09
ID: 39660485
Thank you for your responses.  I'm aware that you can add DNS suffixes at the client level.  Does anyone know of a more global solution where the DNS servers themselves are changed to allow resolutions of the hosts without their FQDNs?
0
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660506
You could look at the zone that is designed to help with the migration from WINS, but I wouldn't recommend it as it requires static entries.

Overall, I don't think this is feasible -- the client makes the FQDN request and it will use its own DNS suffix when using a host name.  The DNS server will attempt to answer based on the FQDN.

Tom
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39660536
if you have 2008+ dns servers, then you can deploy globalnames zone
Again it is does not support dynamic updates..
You need to create records manually, probably good for statis IP assignments.
Cross forest name resolution is supported
check below article
http://technet.microsoft.com/en-us/library/cc731744.aspx

Thanks
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question