Solved

Difference Between OU Computer Name and DNS Name in Active Directory

Posted on 2016-08-12
8
63 Views
Last Modified: 2016-08-22
I'm learning "the hard way" what limitations the AWS Directory Service "SimpleAD" has.

After setting up SimpleAD according to the AWS directions, I have attached a few servers to this domain. Some of which I want to get rid of and some that I want to keep.

Here's my question:

Why is the Computer "Name" showing in the Computer's OU of Active Directory different than the DNS name?

A quick related follow-up question:

Will this cause some possible damage later on in the form of DNS collision if, for example, I attempt to reuse the name of the computer?

I'm really trying to get a handle on if this is a worthwhile use of my time to clean-up Active Directory or just re-create a server from the ground up.

In the screenshot, the OU is showing "DB-PRIVATE" and I actually renamed that computer "ESROM" and re-joined it to the Domain. It's this sort of weirdness between the two that is causing some frustration for me.

Thank you in advance for your help!


...
0
Comment
Question by:Tessando
  • 4
  • 2
  • 2
8 Comments
 
LVL 16

Expert Comment

by:FOX
ID: 41754302
Are you running on premise AD with Simple AD?
0
 

Author Comment

by:Tessando
ID: 41754308
Hey Foxluv - No On-Premise AD, this is isolated to Amazon Web Services. Thanks!
0
 
LVL 16

Expert Comment

by:FOX
ID: 41754317
So you are saying the computer that you have added to the domain as ESROM is showing up in your DNS as DB-Private?  
1. Is ESROM also showing up in your DNS
2.  Does ESrom have an entry on the nic for a primary DNS server
3.  If DB-Private doesn't have the same ip as ESROM right now you can remove it out of DNS forward and reverse lookups. You should remove it anyway.  When DNS updates ESROM will show up.
0
 

Author Comment

by:Tessando
ID: 41754352
Great questions.

SimpleAD is a "headless" Active Directory, so things like DNS I don't control. This is especially frustrating since I can't import the Active Directory Module in Powershell (just the first of a few examples).

For the sake of this conversation, let me ask this:

What I'm trying to figure out is why the original server name of "DB-PRIVATE" stuck around when I intentionally removed the server from the domain and then explicitly joined it as "ESROM".  Does that makes sense?

Again, this is in the context of a limited Active Directory.

Thanks again for your help!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 38

Expert Comment

by:Adam Brown
ID: 41754413
You mean the DB-PRIVATE object stuck around in SimpleAD after removing the server from the domain? That's actually pretty normal in most light-weight LDAP implementations The objects have to be deleted manually after the computer is removed from the domain.
0
 

Author Comment

by:Tessando
ID: 41754455
Yes, that's correct, Adam. The Server DB-PRIVATE stuck around even after termination. To manually delete it do I just <Right>-click and choose "Delete"?

Thanks!
0
 
LVL 38

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41754457
I haven't used SimpleAD, but that's the process in the full AD.
0
 

Author Closing Comment

by:Tessando
ID: 41765546
Thanks to everyone for their contribution. While I didn't get resolve to my SimpleAD-specific questions, this is enough information for me to at least delete the server in question.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now