DNS resolution across domains
Posted on 2015-02-04
I have 2 domains. PRODUCTION.COM is one domain and TEST.COM is another domain. There is a one-way trust, allowing PRODUCTION.COM users to have access to TEST.COM. I have a particularly weird issue with DNS that I cannot explain. I have two DNS servers for each domain. The client machines on TEST.COM use the TEST.COM DNS servers for DNS resolution. On the TEST.COM DNS server, I have forward lookup zones for both TEST.COM and PRODUCTION.COM. Each DNS server in TEST.COM has forwarders configured to the PRODUCTION.COM DNS servers. The DHCP server is sending OPTION 015 to each client machine with the value TEST.COM and nothing else. Users are reporting that at one point, users connected to client machines within TEST.COM could resolve short names for hosts in PRODUCTION.COM. An example of this may be SITE1, which would automatically resolve to SITE1.PRODUCTION.COM. From my knowledge of DNS, I cannot figure out how the user was able to shorthand resolve PRODUCTION.COM DNS names without an FQDN. The user's NIC and DNS settings are all default; they are not statically mapping the DNS suffixes in their NIC configuration. Apparently this functionality just stopped working, but as far as I can tell the configuration does not support their claims that it used to resolve shorthand DNS names. What could potentially be enabled to allow the user to resolve these names via shorthand? Obvious answers would be if option 15 was manipulated to push PRODUCTION.COM as the DNS server, the server was joined to PRODUCTION.COM instead of TEST.COM, or their NIC settings had a manual mapping to PRODUCTION.COM.
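
An added example, not part of the original post: a PowerShell check to run on an affected TEST.COM client that lists each place Windows can pick up a DNS suffix and flags any that mention PRODUCTION.COM. It assumes a Windows 8 / Server 2012 or later client, and it goes beyond the three causes named above by also reading the global and Group Policy suffix search lists.

```powershell
# Added example (not the poster's code). Domain name taken from the post.
$Foreign = 'PRODUCTION.COM'
$tcpip   = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$policy  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or value does not exist.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

# Machine-wide sources: domain membership, primary suffix, search lists.
$sources = @(
    [pscustomobject]@{ Source = 'AD domain membership'
                       Value  = (Get-CimInstance Win32_ComputerSystem).Domain }
    [pscustomobject]@{ Source = 'Primary DNS suffix'
                       Value  = (Get-RegValue $tcpip 'Domain') }
    [pscustomobject]@{ Source = 'Global suffix search list'
                       Value  = ((Get-DnsClientGlobalSetting).SuffixSearchList -join ',') }
    [pscustomobject]@{ Source = 'Group Policy suffix search list'
                       Value  = (Get-RegValue $policy 'SearchList') }
)

# Per-interface sources: DhcpDomain is what DHCP option 015 delivered,
# Domain is a suffix typed manually into the NIC's DNS settings.
foreach ($if in Get-ChildItem "$tcpip\Interfaces") {
    $sources += [pscustomobject]@{ Source = "DHCP option 015 on $($if.PSChildName)"
                                   Value  = (Get-RegValue $if.PSPath 'DhcpDomain') }
    $sources += [pscustomobject]@{ Source = "Manual NIC suffix on $($if.PSChildName)"
                                   Value  = (Get-RegValue $if.PSPath 'Domain') }
}

# Show every populated source and mark the ones that reference the other domain.
$sources | Where-Object { $_.Value } |
    Select-Object Source, Value,
        @{ Name = 'MentionsForeign'
           Expression = { $_.Value -match [regex]::Escape($Foreign) } } |
    Format-Table -AutoSize
```

Any row with MentionsForeign set to True is a setting that would let SITE1 resolve as SITE1.PRODUCTION.COM; if every row is False on a client where it used to work, the suffix was removed from one of these sources.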