Host Name Resolution from Parent Domain to Member Server on Child Domain

We have a parent domain, abc.local.  
We recently created a child domain dev.abc.local.  
The member machines in question are VMware guest machines.  
The VMware host continues to live on abc.local.
We want the domainadmin.abc.local to rdp to membermachine.dev.abc.local using only the host name.  
This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local.  
All machines were configured the same.
The internet protocol version 4 (TCP/IPv4) is used in every case.
TCP/IPv4 properties are set to use static IP address, subnet mask, and default gateways.  In addition, a preferred DNS server and an alternate DNS server are specified.
Advanced settings show the assigned static IP address and default gateway under the IP settings tab.  
Under the DNS tab, the primary DNS server address (the DNS address for dev.abc.local) is listed first and the alternate DNS server address (the DNS address for abc.local) is listed second.
Under the section for the resolution of unqualified names the defaults are selected which are 1) Append primary and connection specific DNS suffixes and 2) Append parent suffixes for the primary DNS suffix.
Finally, the check box is selected for the option to Register this connection's addresses in DNS.

Why are we able to rdp from the parent domain (abc.local) to a machine on the child domain (dev.abc.local) using the unqualified hostname and others require the FQDN?
AEPRTD Asked:

Chris Dent, PowerShell Developer, Commented:
> We want the domainadmin.abc.local to rdp to membermachine.dev.abc.local using only the host name.  
> This appears to work when attempting to connect to somemachine.dev.abc.local but not othermachine.dev.abc.local.

Please "ping somemachine" and see if you get back a ping message like this:
Pinging somemachine [1.2.3.4] with 32 bytes of data:

Instead of:
Pinging somemachine.dev.abc.local [1.2.3.4] with 32 bytes of data:

If it manages to produce the "Pinging <name>" without the FQDN it's found the name using broadcast / WINS (NetBIOS name resolution).

Otherwise look at "ipconfig /displaydns" and see if you have anything listed for somemachine.

The only way this will really work is if you configure and publish a DNS suffix for dev.abc.local. DNS suffix devolution (Append parent suffixes) works when going from dev.abc.local to abc.local, but not the other way around (as the DNS client has no means of establishing what any other label should be).

Chris
0
Mahesh, Architect, Commented:
In the parent domain, add a new GPO at domain level, and in the GPO navigate to computer config\administrative templates\network\dns client and enable the DNS suffix search list.
In the search list, add domain.com as the 1st entry and add child.domain.com as the 2nd entry, separated by a comma.

This will ensure that for an unqualified name the child domain also gets queried, and if the name is available you will get name resolution.
0
AEPRTD, Author, Commented:
Chris Dent:  pinging somemachine returns somemachine.abc.local when it should return somemachine.dev.abc.local.
0
Chris Dent, PowerShell Developer, Commented:
You have a record for the host in the parent domain for some reason.

Chris
0
AEPRTD, Author, Commented:
Mahesh:  I will test your recommendation and let you know how it goes.
0
AEPRTD, Author, Commented:
Chris Dent:  As I stated above all the vm host machines live on the parent domain.
0
Chris Dent, PowerShell Developer, Commented:
I'm aware of that, but you will need to implement a search list as I said in the first place to be able to query names using simple labels in child domains.

If you find any resolve already (as you said was the case with somemachine) they must either have records in the parent zone or be resolving using another name resolution service.

Chris
0
AEPRTD, Author, Commented:
Chris, thank you for your input.  Something is getting lost in translation between our responses I think.
I don't understand what you mean when you say, implement a search list.
0
Chris Dent, PowerShell Developer, Commented:
Mahesh's instructions show you how to implement the search list which will let you resolve host names only in the child domain from the parent.

Chris
0
DrDave242, Senior Support Engineer, Commented:
> In parent domain add new GPO at domain level and in GPO navigate to computer config\administrative templates\network\dns client and enable dns suffix search list
> In search list add domain.com as 1st entry and add child.domain.com as 2nd entry separated by comma

This won't help with the current situation, though, since the parent domain's suffix will be appended first. When you run ping client1, for example, from the abc.local domain, the FQDN client1.abc.local will be attempted first. If there's a record in DNS with that FQDN (which appears to be the case for some hostnames, as Chris pointed out), it'll be returned in response to that query, and client1.dev.abc.local will never be attempted.

You can switch the order of the suffixes in the list so that dev.abc.local gets appended first, but that's still not completely ideal, as you're then stuck with the opposite problem: you won't be able to access machines in abc.local from that domain using only hostnames if there are also machines in dev.abc.local with those same hostnames. Whether or not this is a problem for you depends on your environment.

There's no perfect solution to this, as far as I can tell, other than making sure that every machine across both domains has a unique hostname (in other words, making sure that for each machine named x.abc.local, there's no machine named x.dev.abc.local and vice versa).

Using a GlobalNames zone is another option, but it's still not going to be perfect if there are matching hostnames across the domains.
0
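
The search-order behaviour described in the answer above, modelled in PowerShell as an added example (not code posted by anyone in the thread): the first suffix that answers wins, so a record in abc.local hides the dev.abc.local host of the same name, and reversing the list reverses which one is hidden. The record table and IP addresses are constructed, and `Resolve-ShortName` is a hypothetical helper name.

```powershell
# Constructed sample A records (not taken from the thread): FQDN -> IPv4 address.
$records = @{
    'somemachine.abc.local'      = '10.0.0.10'  # duplicate record in the parent zone
    'somemachine.dev.abc.local'  = '10.1.0.10'
    'othermachine.dev.abc.local' = '10.1.0.11'
}

# Offline lookup against the table above. To check live DNS instead, pass:
#   -Lookup { param($fqdn) (Resolve-DnsName -Name $fqdn -Type A -DnsOnly -ErrorAction SilentlyContinue |
#               Where-Object Type -eq 'A').IPAddress }
$tableLookup = { param($fqdn) $records[$fqdn] }

function Resolve-ShortName {   # hypothetical helper, not a built-in cmdlet
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string[]]$SearchList,
        [scriptblock]$Lookup = $tableLookup
    )
    # The DNS client stops at the first suffix that answers. Every suffix is
    # tried here so that the matches it would never reach are reported too.
    $hits = @(foreach ($suffix in $SearchList) {
        $fqdn = "$Name.$suffix"
        $ip = & $Lookup $fqdn
        if ($ip) { [pscustomobject]@{ Fqdn = $fqdn; Address = $ip } }
    })
    $first = $null; $rest = @()
    if ($hits.Count -ge 1) { $first = $hits[0] }
    if ($hits.Count -ge 2) { $rest = $hits[1..($hits.Count - 1)] }
    [pscustomobject]@{
        Name     = $Name
        Resolved = $first.Fqdn      # what the client would connect to
        Address  = $first.Address
        Shadowed = ($rest | ForEach-Object Fqdn) -join ', '  # same label, never reached
    }
}

# Compare parent-first and child-first search lists for the same short names.
$names = 'somemachine', 'othermachine', 'missing'
foreach ($order in @(@('abc.local', 'dev.abc.local'), @('dev.abc.local', 'abc.local'))) {
    "Search list: $($order -join ', ')"
    $names | ForEach-Object { Resolve-ShortName -Name $_ -SearchList $order } |
        Format-Table -AutoSize | Out-String
}
```

Any row with a non-empty Shadowed column is a short name that lands on a different machine depending on suffix order, which matters when the connection is an RDP session carrying domain admin credentials.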
