Location: List Archives

List Archives

This forum is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our list community.  See more info about this here.

 

When subscribed to the list you should use your standard email client to send your posts to ActiveDir@mail.activedir.org.

List Archives

Forums >ActiveDir Mail List Archive >List Archives
Subject: RE: [ActiveDir] DNS suffix search order list
Prev Next
You are not authorized to post a reply.

AuthorMessages
jeremytsUser is Offline

Posts:44

02/01/2012 6:37 PM  
Hi Mohan,

GlobalName Zones is a feature to help you migrate away from WINS to DNS, but is not meant to be a replacement for WINS in the long term. There are heaps of articles that make this statement. In my opinion it’s a bit of a DNS hack to remove a legacy mess.

In these situations I would rather do the job properly. So I tend to give customers two (2) options for addressing services that use a hostname only and will not be resolved but any zone listed in the DNS Suffix Search Order list:
1. Use FQDNs – by changing references everywhere in clients. This can be done via a logon script…for example.
2. Create an alias (CNAME) record created within the primary zone.

In your example of a fileserver you may also need to DisableStrictNameChecking and DisableLoopbackCheck on the file server, and register the alias name as Kerberos service principal names (SPNs) for Windows functions such as Printing and SMB 2.0 file services. But generic SMB 1.0 file serving does not require registering the SPNs.

I haven’t found a use case that this doesn’t work for, or a customer that has refused to address the issues properly.

DNS Suffix Search Order is a client based setting under all operating systems, not just Windows. It is not the function of a DNS server to handle this, and is a requirement for managing name resolution across multiple zones.

Cheers,
Jeremy.

-----Original Message-----
From: activedir-owner@xxxxxxxxxxxxxxxx [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of Noble, William (P&G Active Directory Services)
Sent: Thursday, 17 November 2011 1:24 PM
To: activedir@xxxxxxxxxxxxxxxx
Cc: activedir@xxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] DNS suffix search order list

Yes, but in a better world people need to get in the proper FQDN habit.

Suffix search list is just crutch like WINS is, IMHO.

Cheers
wsn

"What we think, we become"

On Nov 17, 2011, at 12:20 AM, "Biju_babu@xxxxxxxxxxxxxxxx<mailto:Biju_babu@xxxxxxxxxxxxxxxx>" <Biju_babu@xxxxxxxxxxxxxxxx<mailto:Biju_babu@xxxxxxxxxxxxxxxx>> wrote:

If u have multiple DNS domains and no WINS then yes u need the DNS search suffix populated in client machines.

Didn’t look into GNZ, so no idea there.

From: activedir-owner@xxxxxxxxxxxxxxxx<mailto:activedir-owner@xxxxxxxxxxxxxxxx> [mailto:activedir-owner@xxxxxxxxxxxxxxxx] On Behalf Of mohan.activedirectorysupport@xxxxxxxxxxxxxxxx<mailto:mohan.activedirectorysupport@xxxxxxxxxxxxxxxx>
Sent: Thursday, November 17, 2011 10:09 AM
To: ActiveDir@xxxxxxxxxxxxxxxx<mailto:ActiveDir@xxxxxxxxxxxxxxxx>
Subject: [ActiveDir] DNS suffix search order list


Hi All,

I sent a same question yesterday but it still did not reach the thread i believe..

Just want to re-cap through the new features of AD 2008 and stopped for a while at Global Name Zones... This is a new feature which is clear but this raised an another question..

In an AD integrated DNS in existing WS2003 environment, if you want to search for a name \\fileserver\share\<file:///\\fileserver\share\> you should have a DNS suffix search order list populated in each and every client machines. Without this you can't resolve a name like this. Is this true? But this is possible in WINS environment without a search order list.

Am i correct in saying that " To move away slowly from WINS environment to DNS, MS needed this dns suffix search order list in WS2003 and now to GNZ's.

Please help..
--
Regards,
Mohan R
Level2-Server support Engineer.

.+-�w��i��0��-�����+���֬


List info: http://www.activedir.org/List.aspx
You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > RE: [ActiveDir] DNS suffix search order list



ActiveForums 3.7
Friends

Friends

VisualClickButoton
Members

Members

MembershipMembership:
Latest New UserLatest:BipGnbyP0I
New TodayNew Today:2
New YesterdayNew Yesterday:0
User CountOverall:5493
People OnlinePeople Online:
VisitorsVisitors:46
MembersMembers:0
TotalTotal:46
Online NowOnline Now:

Ads

Copyright 2012 ActiveDir.org
Terms Of Use