• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 341
  • Last Modified:

Server 2012 DNS for non domain users

I have a Server 2012 DC and DNS Server running, but when network devices and computers not on the network ping host names the server does not respond with the IP.  How do I allow this?
0
Jcook4130
Asked:
Jcook4130
1 Solution
 
James HaywoodCommented:
You will need to enter the full FQDN rather than just the server name.
0
 
irweazelwallisCommented:
there shouldn't be anything blocking that.

Start with the obvious or connectivity checks
can you ping the DNS server
can you NSlookup to the server


are you trying with just netbios name or full FQDN if you don't have the suffix search list configured it will only work on FQDN
0
 
Chris DentPowerShell DeveloperCommented:
You really only have a couple of options:

1. Name resolution

If "ping name" gives you an IP address then DNS (and anything to do with name resolution) can be ruled out immediately.

For example, this would be a good response, even if Ping itself times out:
C:\> ping servername

Pinging servername [10.0.0.1] with 32 bytes of data:
Request timed out.

Open in new window

While ping didn't reply, name resolution got us from servername to 10.0.0.1. You can tick that part off as working.

2. Host is down, or connection is subject to a Firewall

If the host is not on, then obviously it won't be able to reply. It hardly sounds like this is the case here :)

That leaves Firewalls. Something is preventing the host responding. If you're on the same LAN / VLAN as the device you're pinging you can rule out network-level firewalls. That leaves you with Host-based firewalls. Windows Firewall?

Perhaps start by turning it off to establish cause (assuming it is safe to do so), if it is the cause you will simply need to add a rule to allow ICMP traffic (Inbound rule set).

Chris
0
 
dan_blagutCommented:
in fact what is not working is the DNS suffix for the non domain host. If you put the dnssufix on the non domain PC it will works better:
 
http://support.simpledns.com/KB/a137/how-to-configure-dns-suffixes-on-windows-2000xp2003.aspx

Dan
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
OK, so what I'm going to write essentially backs up what Dan says above, but hopefully in a more palatable way:

When your DC clients configure themselves (likely through DHCP) they not only are told to use the DC as the DNS server, but they are also given a "default" domain to search.

Thus, when a DC client looks up "desktop1", the AD domain name is added "by default" and the DNS server looks for "desktop1.yourADdomain.local".

Now when other clients connect, they are often not provided a "default domain" to search, so when these other clients go to lookup "desktop1", and there is no "default domain" to add on, the result is that there is no match.

NOTE: Clients can be configured with a "default domain" (aka: default suffix), but servers cannot... you cannot tell a DNS server that, failing a lookup for "deskto1", assume they meant "desktop1.domain.local" or "desktop1.domain.com", etc.

So, your non AD clients can be configured to add the domain (it's an "advanced" DNS connection setting in ncpa.cpl on Windows systems), or you can simply use FQDN's on your hostnames and all will be fine.

I hope this helps...

Dan
IT4SOHO
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now