none
SP2 Release Candidate - DNS client bug on both 2008 and Vista

    Question

  • NOTE: This issue only occurs on the Release Candidate. It did not occur on the Beta release of SP2.

    Upon installing SP2 RC on both Vista and Server 2008, the computers no longer append all parent suffixes of the primary DNS suffix during a DNS search. It only appends one parent. I can see this when I run ipconfig /all and view the suffix search list. On my network I have three DNS domains.

    SP1 and SP2 Beta appends all three in search list:
    corp.ad.mycompany.com         (Primary Active Directory DNS namespace)
    ad.mycompany.com                (Empty top-level Active Directory DNS namespace)
    mycompany.com                    (Top-level DNS namespace; BIND)

    SP2 RC only appends:
    corp.ad.mycompany.com
    ad.mycompany.com

    Normally, these three domain suffixes are automatically added to the search list of any computer joined to the corp.ad.mycompany.com domain, given the default DNS settings of "Append primary and connection specific DNS suffixes" and "Append parent suffixes of the primary DNS suffix" are enabled, which I confirmed they are. Upon installing this Release Candidate of SP2, my "top-level" DNS namespace was dropped from the search list, leaving only the other two. This would be a major problem since we have non-Windows systems that are only in the BIND DNS namespace.

    The strange thing is that when I perform an nslookup on just a host name that is in the mycompany.com, I would receive an answer (non-authoritative). However, when I would try browse to a share (UNC) or web site using that same host name without suffix, it would come back not found. If I add the suffix, it would connect. This must go back to the fact that SP2 RC removed "mycompany.com" from the suffix search list.

    I installed the Beta version of Service Pack 2 when it was released, and this problem did not occur. So, is this a bug or change? I hope it is not a change. If so, I would have to push out a manual suffix search list via GPO or some means.

    I aslo should mentioned that I made sure DNS devolution was enabled by setting it in Group Policy.

    Friday, March 13, 2009 7:26 PM

Answers

  • The SP2 team looked at this issue and replied with the following:

    “We have fixed this issue in later builds of SP2. For now, can you create and set the following registry key HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Dnscache\Parameters: Please create a DWORD value: DomainNameDevolutionLevel and set it to 2 and try resolving names. Please note that this registry value may be overwritten in future OS updates or SP2 builds Thanks, Kalpesh [MSFT]”

    I tried the registry key fix on a Windows Vista computer, and it worked. All parent domains are now included in the suffix search list.

    • Marked as answer by Brandon.M Thursday, March 19, 2009 2:11 PM
    Thursday, March 19, 2009 2:11 PM

All replies

  • I also want to add that it seems that I can no longer connect to any file shares from my Windows Server 2008 computer upon installing SP2. This is regardless of the DNS issue, because I am trying to connect to server shares that are in the same DNS namespace. Again, I did not have such a problem with the beta version.

    My Windows Server 2008 system is a completely new build, joined to my domain. I installed SP2 right after joining the domain. I have uninstalled SP2 and all is working normally. Looks like this RC may have some issues.

    Friday, March 13, 2009 9:31 PM
  • You can configure this with Group Policy.

    You can open the Local Computer Policy by opening mmc, Start>Run type mmc (enter).

    "Select File\Add/Remove Snap-in".  Then select Group Policy Object Editor add it, and accept the default, "Local Computer Policy".

    The values you need to set are the ones with "DNS Suffix" in the label.  Read the explanations provided and you should be able to figure it out.
    • Edited by Brian Borg Saturday, March 21, 2009 9:43 PM
    Friday, March 13, 2009 10:42 PM
  • Thanks for the tip, but that does not fix the problem. I already tried to enable "Primary DNS suffix devolution" in Group Policy, which I believe is enabled by default, but it had no effect. I could jam in the suffix search list through Group Policy, but I shouldn't need to.

    I have no intentions of rolling out this pre-release of SP2 to my systems. I hope that the issue is resolved for the final release.
    Friday, March 13, 2009 10:50 PM
  • Maybe you should file a bug report. 

    If you are a member of the SP 2 Beta Connection, you can submit feedback.

    You can join the connection at https://connect.microsoft.com/site/sitehome.aspx?SiteID=691.
    Friday, March 13, 2009 11:27 PM
  • I get "page not found" when I click on the link.
    Saturday, March 14, 2009 3:37 PM
  • Try going to https://connect.microsoft.com/directory/.  Scroll down on the page and see if you can find the one labeled Windows Vista SP2 Beta & Server 2008 SP2 Beta, and see if you can join it.

    Otherwise you could try the link one time on the page http://technet.microsoft.com/en-us/windowsserver/dd262148.aspx.  You have to sign in with your Windows Live ID for any of these to work.

    If none of these work your only option is to try Microsoft support services. 
    Saturday, March 14, 2009 9:18 PM
  • Hi Brandon,

    Please file a bug through http://connect.microsoft.com/InvitationUse.aspx?ProgramID=2730&SiteID=749&InvitationID=CPP-G93D-QDHH and let us know the feedback ID here so that we can track your request uniquely.

    Please ensure to run Feedback Data Collector Tool and submit the log files along with the report. Please tell me if you need some help or clarification in filing the bug.

    Thanks
    Arun


    We build Service Pack 2
    Sunday, March 15, 2009 9:55 AM
  • The SP2 team looked at this issue and replied with the following:

    “We have fixed this issue in later builds of SP2. For now, can you create and set the following registry key HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Dnscache\Parameters: Please create a DWORD value: DomainNameDevolutionLevel and set it to 2 and try resolving names. Please note that this registry value may be overwritten in future OS updates or SP2 builds Thanks, Kalpesh [MSFT]”

    I tried the registry key fix on a Windows Vista computer, and it worked. All parent domains are now included in the suffix search list.

    • Marked as answer by Brandon.M Thursday, March 19, 2009 2:11 PM
    Thursday, March 19, 2009 2:11 PM