Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

DNS Resolution

Posted on 2013-11-19
5
Medium Priority
?
310 Views
Last Modified: 2013-11-19
Hello,

We have a 2-way Active Directory transitive trust between our domain and a partner's domain.  Both domains have DNS integrated.  When we try to ping a server/workstation on the partner's domain by ONLY their hostname, it does not resolve.  However, if we try to ping using their FQDNs, it pings just fine.  Is this the expected behavior of AD DNS?  If so, is there any way to configure AD DNS so that we'd be able to ping hosts on the trusted domain by only their hostnames?  Thank you.
0
Comment
Question by:Techop09
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660352
Yes -- That  is the expected behavior.  You can add DNs suffixes in the Advance TCP/IP DNS tab on systems that have a static IP assignment.  

You can also do this in DHCP:

1.Open DHCP. (To open DHCP, click Start, point to Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.)
2. In the console tree, click the applicable DHCP server.
3. On the Action menu, click Set Predefined Options.
4. In Predefined Options and Values, click Add (Option Class Standard), and then click OK.
5. In Name, type the string DNS Search List.
6. Set Code to 119 and Data Type string (it is not an array), and then click OK.
7. Right-click Scope Options, select Configure Options, and then check 119 DNS Search List.
8. Enter a list of domain suffixes in your organization, delimited by a semicolon (for example, contoso.com;dev.contoso.com;corp.microsoft.com).
9. Click OK.
(Copied from http://technet.microsoft.com/en-us/library/dd572752(v=office.13).aspx)

Tom
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39660356
Yes that is expected behavior, you can add the DNS suffix to your search list.   Lots of good articles on that, one example below  

http://www.techrepublic.com/blog/the-enterprise-cloud/manage-dns-suffix-configuration-through-group-policy/

Thanks

Mike
0
 

Author Comment

by:Techop09
ID: 39660485
Thank you for your responses.  I'm aware that you can add DNS suffixes at the client level.  Does anyone know of a more global solution where the DNS servers themselves are changed to allow resolutions of the hosts without their FQDNs?
0
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660506
You could look at the zone that is designed to help with the migration from WINS, but I wouldn't recommend it as it requires static entries.

Overall, I don't think this is feasible -- the client makes the FQDN request and it will use its own DNS suffix when using a host name.  The DNS server will attempt to answer based on the FQDN.

Tom
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39660536
if you have 2008+ dns servers, then you can deploy globalnames zone
Again it is does not support dynamic updates..
You need to create records manually, probably good for statis IP assignments.
Cross forest name resolution is supported
check below article
http://technet.microsoft.com/en-us/library/cc731744.aspx

Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question