Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.
Host Name Resolution from Parent Domain to Member Server on Child Domain
We have a parent domain, abc.local.
We recently created a child domain dev.abc.local.
The member machines in questions are VMWare guests machines.
The VMWare host continues live on abc.local.
We want the domainadmin.abc.local to rdp to membermachine.dev.abc.loca
This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
All machines were configured the same.
The internet protocol version 4 (TCP/IPv4) is used in every case.
TCP/IPv4 properties are set to use static IP address, subnet mask, and default gateways. In addition, a preferred DNS server and an alternate DNS server are specified.
Advanced settings show the assigned static ip address and default gateway under the IP settings tab.
Under the DNS tab, the primary dns server address (the dns address for dev.abc.local) is listed first and the alternate dns server address (the dns address for abc.local) is listed second.
Under the section for the resolution of unqualified names the defaults are selected which are 1) Append primary and connection specific DNS suffixes and 2) Append parent suffixes for the primary DNS suffix.
Finally, the check box is selected for the option to Register this connection's addresses in DNS.
Why are we able to rdp from the parent domain (abc.local) to a machine on the child domain (dev.abc.local) using the unqualified hostname and others require the FQDN?
We recently created a child domain dev.abc.local.
The member machines in questions are VMWare guests machines.
The VMWare host continues live on abc.local.
We want the domainadmin.abc.local to rdp to membermachine.dev.abc.loca
This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
All machines were configured the same.
The internet protocol version 4 (TCP/IPv4) is used in every case.
TCP/IPv4 properties are set to use static IP address, subnet mask, and default gateways. In addition, a preferred DNS server and an alternate DNS server are specified.
Advanced settings show the assigned static ip address and default gateway under the IP settings tab.
Under the DNS tab, the primary dns server address (the dns address for dev.abc.local) is listed first and the alternate dns server address (the dns address for abc.local) is listed second.
Under the section for the resolution of unqualified names the defaults are selected which are 1) Append primary and connection specific DNS suffixes and 2) Append parent suffixes for the primary DNS suffix.
Finally, the check box is selected for the option to Register this connection's addresses in DNS.
Why are we able to rdp from the parent domain (abc.local) to a machine on the child domain (dev.abc.local) using the unqualified hostname and others require the FQDN?
Who is Participating?
> We want the domainadmin.abc.local to rdp to membermachine.dev.abc.loca
> This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
Please "ping somemachine" and see if you get back a ping message like this:
Otherwise look at "ipconfig /displaydns" and see if you have anything listed for somemachine.
The only way this will really work is if you configure and publish a DNS suffix for dev.abc.local. DNS suffix devolution (Append parent suffixes) works when going from dev.abc.local to abc.local, but not the other way around (as the DNS client has no means of establishing what any other label should be).
Chris
> This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
Please "ping somemachine" and see if you get back a ping message like this:
Pinging somemachine [1.2.3.4] with 32 bytes of data:
Pinging somemachine.dev.abc.local [1.2.3.4] with 32 bytes of data:
Otherwise look at "ipconfig /displaydns" and see if you have anything listed for somemachine.
The only way this will really work is if you configure and publish a DNS suffix for dev.abc.local. DNS suffix devolution (Append parent suffixes) works when going from dev.abc.local to abc.local, but not the other way around (as the DNS client has no means of establishing what any other label should be).
Chris
In parent domain add new GPO at domain level and in GPO navigate to computer config\administrative templates\network\dns client and enable dns suffix search list
In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma
This will ensure that for unqualified name child domain also get queried and if name available you will get name resolution
In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma
This will ensure that for unqualified name child domain also get queried and if name available you will get name resolution
Chris Dent: pinging somemachine returns somemachine.abc.local when it should return somemachine.dev.abc.local.
I'm aware of that, but you will need to implement a search list as I said in the first place to be able to query names using simple labels in child domains.
If you find any resolve already (as you said was the case with somemachine) they must either have records in the parent zone or be resolving using another name resolution service.
Chris
If you find any resolve already (as you said was the case with somemachine) they must either have records in the parent zone or be resolving using another name resolution service.
Chris
Chris, thank you for your input. Something is getting lost in translation between our responses I think.
I don't understand what you mean when you say, implement a search list.
I don't understand what you mean when you say, implement a search list.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
You can switch the order of the suffixes in the list so that dev.abc.local gets appended first, but that's still not completely ideal, as you're then stuck with the opposite problem: you won't be able to access machines in abc.local from that domain using only hostnames if there are also machines in dev.abc.local with those same hostnames. Whether or not this is a problem for you depends on your environment.
There's no perfect solution to this, as far as I can tell, other than making sure that every machine across both domains has a unique hostname (in other words, making sure that for each machine named x.abc.local, there's no machine named x.dev.abc.local and vice versa).
Using a GlobalNames zone is another option, but it's still not going to be perfect if there are matching hostnames across the domains.