Solved

DNS Resolution

Posted on 2013-11-19
5
286 Views
Last Modified: 2013-11-19
Hello,

We have a 2-way Active Directory transitive trust between our domain and a partner's domain.  Both domains have DNS integrated.  When we try to ping a server/workstation on the partner's domain by ONLY their hostname, it does not resolve.  However, if we try to ping using their FQDNs, it pings just fine.  Is this the expected behavior of AD DNS?  If so, is there any way to configure AD DNS so that we'd be able to ping hosts on the trusted domain by only their hostnames?  Thank you.
0
Comment
Question by:Techop09
5 Comments
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660352
Yes -- That  is the expected behavior.  You can add DNs suffixes in the Advance TCP/IP DNS tab on systems that have a static IP assignment.  

You can also do this in DHCP:

1.Open DHCP. (To open DHCP, click Start, point to Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.)
2. In the console tree, click the applicable DHCP server.
3. On the Action menu, click Set Predefined Options.
4. In Predefined Options and Values, click Add (Option Class Standard), and then click OK.
5. In Name, type the string DNS Search List.
6. Set Code to 119 and Data Type string (it is not an array), and then click OK.
7. Right-click Scope Options, select Configure Options, and then check 119 DNS Search List.
8. Enter a list of domain suffixes in your organization, delimited by a semicolon (for example, contoso.com;dev.contoso.com;corp.microsoft.com).
9. Click OK.
(Copied from http://technet.microsoft.com/en-us/library/dd572752(v=office.13).aspx)

Tom
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39660356
Yes that is expected behavior, you can add the DNS suffix to your search list.   Lots of good articles on that, one example below  

http://www.techrepublic.com/blog/the-enterprise-cloud/manage-dns-suffix-configuration-through-group-policy/

Thanks

Mike
0
 

Author Comment

by:Techop09
ID: 39660485
Thank you for your responses.  I'm aware that you can add DNS suffixes at the client level.  Does anyone know of a more global solution where the DNS servers themselves are changed to allow resolutions of the hosts without their FQDNs?
0
 
LVL 6

Expert Comment

by:ButlerTechnology
ID: 39660506
You could look at the zone that is designed to help with the migration from WINS, but I wouldn't recommend it as it requires static entries.

Overall, I don't think this is feasible -- the client makes the FQDN request and it will use its own DNS suffix when using a host name.  The DNS server will attempt to answer based on the FQDN.

Tom
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39660536
if you have 2008+ dns servers, then you can deploy globalnames zone
Again it is does not support dynamic updates..
You need to create records manually, probably good for statis IP assignments.
Cross forest name resolution is supported
check below article
http://technet.microsoft.com/en-us/library/cc731744.aspx

Thanks
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now