none
ping hosts in subdomain without fqdn RRS feed

  • Question

  • Hello,

    I will add a separate active directory forest as a subdomain (DNS) to my internal forest, so for example I have dmz.example.com.

    In my internal forest I will simply ping host names and it will resolve since the systems is part of that domain.  But now looking at how to be able to ping host names in the dmz.example.com forest without having to use the full fqdn of host.dmz.example.com.?

    Thank you


    Robert


    Tuesday, March 5, 2019 4:32 PM

Answers

  • Hi,

    I do not see that behavior when I added the zone files?

    So I have a active directory domain/forest "example.com" and then I am adding another separate (with one way trust) domain/forest "dmz.example.com".  Computers joined to "example.com" can access hosts with the host name, without needing to use full fqdn of "host.example.com".  

    The questions was how to best give network users in "example.com" domain ability to access hosts in the "dmz.example.com" by using the host names in the "dmz.example.com" domain, without have to use full fqdn.

    From looking around, I have found to use group policy to add suffix search list, so it appears that is the solution.  I have also simply added the suffix search list for individual computers.  I also looked at dhcp 135 option, but doesn't seem to be a supported function on windows dhcp clients.  So in the end it seems group policy is the solution.

    Let me know if there are other solutions.

    Thx


    Robert



    • Edited by NordMann1087 Wednesday, March 6, 2019 3:20 PM
    • Marked as answer by NordMann1087 Thursday, March 7, 2019 3:54 PM
    Wednesday, March 6, 2019 3:18 PM
  • Hi,

    It is a good idea to use group policy to add suffix search list. Please refer to the link below:

    https://social.technet.microsoft.com/Forums/en-US/0c96cf76-f66a-436d-89a4-2914b3c0b04a/append-to-dns-search-suffixes-set-by-gpo?forum=w7itpronetworking  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by NordMann1087 Thursday, March 7, 2019 3:54 PM
    Thursday, March 7, 2019 9:19 AM
    Moderator

All replies

  • Hi,

    I don't quite understand you. Do you mean that you add a new zone (dmz.example.com)in DNS server?

    As long as the host names in dmz.example.com and internal domain are not duplicated, you can ping hosts without FQDN.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, March 6, 2019 2:19 AM
    Moderator
  • Hi,

    I do not see that behavior when I added the zone files?

    So I have a active directory domain/forest "example.com" and then I am adding another separate (with one way trust) domain/forest "dmz.example.com".  Computers joined to "example.com" can access hosts with the host name, without needing to use full fqdn of "host.example.com".  

    The questions was how to best give network users in "example.com" domain ability to access hosts in the "dmz.example.com" by using the host names in the "dmz.example.com" domain, without have to use full fqdn.

    From looking around, I have found to use group policy to add suffix search list, so it appears that is the solution.  I have also simply added the suffix search list for individual computers.  I also looked at dhcp 135 option, but doesn't seem to be a supported function on windows dhcp clients.  So in the end it seems group policy is the solution.

    Let me know if there are other solutions.

    Thx


    Robert



    • Edited by NordMann1087 Wednesday, March 6, 2019 3:20 PM
    • Marked as answer by NordMann1087 Thursday, March 7, 2019 3:54 PM
    Wednesday, March 6, 2019 3:18 PM
  • Hi,

    It is a good idea to use group policy to add suffix search list. Please refer to the link below:

    https://social.technet.microsoft.com/Forums/en-US/0c96cf76-f66a-436d-89a4-2914b3c0b04a/append-to-dns-search-suffixes-set-by-gpo?forum=w7itpronetworking  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by NordMann1087 Thursday, March 7, 2019 3:54 PM
    Thursday, March 7, 2019 9:19 AM
    Moderator