Solved

Child Domain and dns suffixes

Posted on 2016-11-18
9
28 Views
Last Modified: 2016-12-01
So I have a child domain and I can not ping a machine from the the parent domain with out putting in the FQDN.

and nslookup will not work unless I do the same.

So I'm thinking a DNS issue.  if I add the child domain name in the network properties of my machine I can ping and nslookup

when I run dcdiag /e /test:dns from parent domain controller I get this

at the bottome
-dns.png
0
Comment
Question by:Michael Chonlahan
  • 4
  • 3
  • 2
9 Comments
 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
ID: 41893879
You will have to specify which DNS suffixes should be tried.  You can specify this manually in the NIC properties of a computer, but if you need to set for multiple machines it's best to use Group Policy (under Computer > Administrative Templates > Network > DNS Client > DNS Suffix Search List).
0
 

Author Comment

by:Michael Chonlahan
ID: 41893890
Ok is there a reason why it is not automatically doing that?  on the child it automatily put that if I did a ipconfig /all it shows both but on the parent I have to put it on the nic card properties.
0
 
LVL 25

Accepted Solution

by:
DrDave242 earned 250 total points
ID: 41901800
Ok is there a reason why it is not automatically doing that?  on the child it automatily put that if I did a ipconfig /all it shows both but on the parent I have to put it on the nic card properties.

I'm fairly certain that this is normal behavior. A member of a child domain will (by default) add the child domain's DNS suffix and any parent domain suffixes to its search list (known as DNS devolution), but this doesn't happen automatically the other way around. If you think about it, the FQDN is required to uniquely identify the machine you're trying to reach. There's no way for the OS to know if the hostname "server1" should refer to server1.parent.com, server1.child.parent.com, or something else.

As footech mentioned, Group Policy is the best way to add the child domain suffix to multiple machines.
0
 

Author Comment

by:Michael Chonlahan
ID: 41901801
Ok thank you I will work on setting up a group policy to add it.

Thank you all for the help
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
ID: 41903493
Thanks, DrDave242, for jumping in.  Somehow this had slipped past me.
0
 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
ID: 41909199
I'm not going to object, but it would have been more appropriate to split points, as both DrDave242 and I answered some of your questions.
0
 

Author Comment

by:Michael Chonlahan
ID: 41909201
sorry did know I could do that new to this site.
0
 
LVL 25

Assisted Solution

by:DrDave242
DrDave242 earned 250 total points
ID: 41909223
Footech's right; the points should be split. There's a way to do that after a question has been closed, as I've seen it done before, but I honestly don't know how to do it. Submit an attention request, maybe?
0
 
LVL 39

Assisted Solution

by:footech
footech earned 250 total points
ID: 41909256
Yes, but I'm not going to ask anyone to do that.  Just keep it in mind for the next time.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

This article is intended as an extension of a blog on Aging and Scavenging by the MS Enterprise Networking Team. In brief, Scavenging is used as follows: Each record in a zone which has been dynamically registered with an MS DNS Server will have…
If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
This video discusses moving either the default database or any database to a new volume.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now