Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!
Host Name Resolution from Parent Domain to Member Server on Child Domain
We have a parent domain, abc.local.
We recently created a child domain dev.abc.local.
The member machines in questions are VMWare guests machines.
The VMWare host continues live on abc.local.
We want the domainadmin.abc.local to rdp to membermachine.dev.abc.loca
This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
All machines were configured the same.
The internet protocol version 4 (TCP/IPv4) is used in every case.
TCP/IPv4 properties are set to use static IP address, subnet mask, and default gateways. In addition, a preferred DNS server and an alternate DNS server are specified.
Advanced settings show the assigned static ip address and default gateway under the IP settings tab.
Under the DNS tab, the primary dns server address (the dns address for dev.abc.local) is listed first and the alternate dns server address (the dns address for abc.local) is listed second.
Under the section for the resolution of unqualified names the defaults are selected which are 1) Append primary and connection specific DNS suffixes and 2) Append parent suffixes for the primary DNS suffix.
Finally, the check box is selected for the option to Register this connection's addresses in DNS.
Why are we able to rdp from the parent domain (abc.local) to a machine on the child domain (dev.abc.local) using the unqualified hostname and others require the FQDN?
We recently created a child domain dev.abc.local.
The member machines in questions are VMWare guests machines.
The VMWare host continues live on abc.local.
We want the domainadmin.abc.local to rdp to membermachine.dev.abc.loca
This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
All machines were configured the same.
The internet protocol version 4 (TCP/IPv4) is used in every case.
TCP/IPv4 properties are set to use static IP address, subnet mask, and default gateways. In addition, a preferred DNS server and an alternate DNS server are specified.
Advanced settings show the assigned static ip address and default gateway under the IP settings tab.
Under the DNS tab, the primary dns server address (the dns address for dev.abc.local) is listed first and the alternate dns server address (the dns address for abc.local) is listed second.
Under the section for the resolution of unqualified names the defaults are selected which are 1) Append primary and connection specific DNS suffixes and 2) Append parent suffixes for the primary DNS suffix.
Finally, the check box is selected for the option to Register this connection's addresses in DNS.
Why are we able to rdp from the parent domain (abc.local) to a machine on the child domain (dev.abc.local) using the unqualified hostname and others require the FQDN?
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
In parent domain add new GPO at domain level and in GPO navigate to computer config\administrative templates\network\dns client and enable dns suffix search list
In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma
This will ensure that for unqualified name child domain also get queried and if name available you will get name resolution
In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma
This will ensure that for unqualified name child domain also get queried and if name available you will get name resolution
Chris Dent: pinging somemachine returns somemachine.abc.local when it should return somemachine.dev.abc.local.
I'm aware of that, but you will need to implement a search list as I said in the first place to be able to query names using simple labels in child domains.
If you find any resolve already (as you said was the case with somemachine) they must either have records in the parent zone or be resolving using another name resolution service.
Chris
If you find any resolve already (as you said was the case with somemachine) they must either have records in the parent zone or be resolving using another name resolution service.
Chris
Chris, thank you for your input. Something is getting lost in translation between our responses I think.
I don't understand what you mean when you say, implement a search list.
I don't understand what you mean when you say, implement a search list.
Mahesh's instructions show you how to implement the search list which will let you resolve host names only in the child domain from the parent.
Chris
Chris
In parent domain add new GPO at domain level and in GPO navigate to computer config\administrative templates\network\dns client and enable dns suffix search listThis won't help with the current situation, though, since the parent domain's suffix will be appended first. When you run ping client1, for example, from the abc.local domain, the FQDN client1.abc.local will be attempted first. If there's a record in DNS with that FQDN (which appears to be the case for some hostnames, as Chris pointed out), it'll be returned in response to that query, and client1.dev.abc.local will never be attempted.
In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma
You can switch the order of the suffixes in the list so that dev.abc.local gets appended first, but that's still not completely ideal, as you're then stuck with the opposite problem: you won't be able to access machines in abc.local from that domain using only hostnames if there are also machines in dev.abc.local with those same hostnames. Whether or not this is a problem for you depends on your environment.
There's no perfect solution to this, as far as I can tell, other than making sure that every machine across both domains has a unique hostname (in other words, making sure that for each machine named x.abc.local, there's no machine named x.dev.abc.local and vice versa).
Using a GlobalNames zone is another option, but it's still not going to be perfect if there are matching hostnames across the domains.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
-
Windows Server 2016Certification: MCSE Microsoft Certified Systems Engineer - Installatio… 312 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - PowerPoint 2013… 214 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
> This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local
Please "ping somemachine" and see if you get back a ping message like this:
Open in new window
Instead of:Open in new window
If it manages to produce the "Pinging <name>" without the FQDN it's found the name using broadcast / WINS (NetBIOS name resolution).Otherwise look at "ipconfig /displaydns" and see if you have anything listed for somemachine.
The only way this will really work is if you configure and publish a DNS suffix for dev.abc.local. DNS suffix devolution (Append parent suffixes) works when going from dev.abc.local to abc.local, but not the other way around (as the DNS client has no means of establishing what any other label should be).
Chris