Don't Append Primary DNS Suffix

**Victor S.**

How can I configure Windows Vista to append the connection-specific DNS
suffix to DNS lookups but not the primary DNS suffix?

Here is the problem I am having. Laptops are joined to the AD domain so
their primary DNS suffix is the domain name. (I will use company.com as an
example.) Unfortunately, someone else registered our internal domain name on
the Internet and has a wildcard/catch-all DNS entry set so every hostname
resolves to the same IP address (e.g., 72.3.135.151). Internally, DNS
resolution works well because the internal DNS servers are authoritative for
the domain name. However, when not on the company network (such as when at a
client's site), all DNS lookups not using a FQDN return the same external IP
address (e.g., 72.3.135.151). Also, even if using the FQDN in nslookup,
everything always resolves to the same external IP address because nslookup
always appends the primary DNS suffix (e.g. hostname.test.com becomes
hostname.test.com.company.com, which returns 72.3.135.151).

I realize that there are workarounds (e.g. make the primary DNS suffix
different than the domain name, always use FQDNs, append a period at the end
of the FQDN in nslookup), but all of them have their problems and drawbacks.
For example, even if users get used to using FQDNs, some of our clients have
web-based applications that use just the hostnames. When using one of these
applications is accessed with one of our laptops, links to server2 get
redirected to server2.company.com, which brings up an external webpage and
breaks the app.

So, if it's possible, the only good solution I can see is to configure
Windows to ignore the primary DNS suffix and only append the
connection-specific suffix.

**Kerry Brown**

If it is just the company laptops with the problem adding the servers to the
hosts file on the laptops may work. This will only work if the servers are
only using a public IP address. If they have a private IP address that is
used internally then the laptops won't be able to access them while
connected to the internal network

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
How can I configure Windows Vista to append the connection-specific DNS
suffix to DNS lookups but not the primary DNS suffix?

Here is the problem I am having. Laptops are joined to the AD domain so
their primary DNS suffix is the domain name. (I will use company.com as
an
example.) Unfortunately, someone else registered our internal domain name
on
the Internet and has a wildcard/catch-all DNS entry set so every hostname
resolves to the same IP address (e.g., 72.3.135.151). Internally, DNS
resolution works well because the internal DNS servers are authoritative
for
the domain name. However, when not on the company network (such as when
at a
client's site), all DNS lookups not using a FQDN return the same external
IP
address (e.g., 72.3.135.151). Also, even if using the FQDN in nslookup,
everything always resolves to the same external IP address because
nslookup
always appends the primary DNS suffix (e.g. hostname.test.com becomes
hostname.test.com.company.com, which returns 72.3.135.151).

I realize that there are workarounds (e.g. make the primary DNS suffix
different than the domain name, always use FQDNs, append a period at the
end
of the FQDN in nslookup), but all of them have their problems and
drawbacks.
For example, even if users get used to using FQDNs, some of our clients
have
web-based applications that use just the hostnames. When using one of
these
applications is accessed with one of our laptops, links to server2 get
redirected to server2.company.com, which brings up an external webpage and
breaks the app.

So, if it's possible, the only good solution I can see is to configure
Windows to ignore the primary DNS suffix and only append the
connection-specific suffix.

**Victor S.**

I'm not sure which servers you are suggesting should be added to the hosts
file or how it might prevent the primary DNS suffix from being appended. In
any case, almost everything uses internal IP addresses. Those servers that
do use external IP addresses are not a problem since the FQDN for them is
always specified.

If you can think of a way that your recommendation can be modified to
prevent the appending of the primary DNS suffix when using internal IP
address, please let me know. Any other suggestions would also be
appreciated.

Thanks,

Victor

"Kerry Brown" *a*m wrote in message
...
If it is just the company laptops with the problem adding the servers to
the hosts file on the laptops may work. This will only work if the servers
are only using a public IP address. If they have a private IP address that
is used internally then the laptops won't be able to access them while
connected to the internal network

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
How can I configure Windows Vista to append the connection-specific DNS
suffix to DNS lookups but not the primary DNS suffix?

Here is the problem I am having. Laptops are joined to the AD domain so
their primary DNS suffix is the domain name. (I will use company.com as
an
example.) Unfortunately, someone else registered our internal domain
name on
the Internet and has a wildcard/catch-all DNS entry set so every hostname
resolves to the same IP address (e.g., 72.3.135.151). Internally, DNS
resolution works well because the internal DNS servers are authoritative
for
the domain name. However, when not on the company network (such as when
at a
client's site), all DNS lookups not using a FQDN return the same external
IP
address (e.g., 72.3.135.151). Also, even if using the FQDN in nslookup,
everything always resolves to the same external IP address because
nslookup
always appends the primary DNS suffix (e.g. hostname.test.com becomes
hostname.test.com.company.com, which returns 72.3.135.151).

I realize that there are workarounds (e.g. make the primary DNS suffix
different than the domain name, always use FQDNs, append a period at the
end
of the FQDN in nslookup), but all of them have their problems and
drawbacks.
For example, even if users get used to using FQDNs, some of our clients
have
web-based applications that use just the hostnames. When using one of
these
applications is accessed with one of our laptops, links to server2 get
redirected to server2.company.com, which brings up an external webpage
and
breaks the app.

So, if it's possible, the only good solution I can see is to configure
Windows to ignore the primary DNS suffix and only append the
connection-specific suffix.

**Kerry Brown**

If a name exists in the hosts file DNS is never used to resolve the name.
You would create entries like this:

192.168.2.1 servername
192.168.2.1 servername.domain.com

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
I'm not sure which servers you are suggesting should be added to the hosts
file or how it might prevent the primary DNS suffix from being appended.
In any case, almost everything uses internal IP addresses. Those servers
that do use external IP addresses are not a problem since the FQDN for
them is always specified.

If you can think of a way that your recommendation can be modified to
prevent the appending of the primary DNS suffix when using internal IP
address, please let me know. Any other suggestions would also be
appreciated.

Thanks,

Victor

"Kerry Brown" *a*m wrote in message
...
If it is just the company laptops with the problem adding the servers to
the hosts file on the laptops may work. This will only work if the
servers are only using a public IP address. If they have a private IP
address that is used internally then the laptops won't be able to access
them while connected to the internal network

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
How can I configure Windows Vista to append the connection-specific DNS
suffix to DNS lookups but not the primary DNS suffix?

Here is the problem I am having. Laptops are joined to the AD domain so
their primary DNS suffix is the domain name. (I will use company.com as
an
example.) Unfortunately, someone else registered our internal domain
name on
the Internet and has a wildcard/catch-all DNS entry set so every
hostname
resolves to the same IP address (e.g., 72.3.135.151). Internally, DNS
resolution works well because the internal DNS servers are authoritative
for
the domain name. However, when not on the company network (such as when
at a
client's site), all DNS lookups not using a FQDN return the same
external IP
address (e.g., 72.3.135.151). Also, even if using the FQDN in nslookup,
everything always resolves to the same external IP address because
nslookup
always appends the primary DNS suffix (e.g. hostname.test.com becomes
hostname.test.com.company.com, which returns 72.3.135.151).

I realize that there are workarounds (e.g. make the primary DNS suffix
different than the domain name, always use FQDNs, append a period at the
end
of the FQDN in nslookup), but all of them have their problems and
drawbacks.
For example, even if users get used to using FQDNs, some of our clients
have
web-based applications that use just the hostnames. When using one of
these
applications is accessed with one of our laptops, links to server2 get
redirected to server2.company.com, which brings up an external webpage
and
breaks the app.

So, if it's possible, the only good solution I can see is to configure
Windows to ignore the primary DNS suffix and only append the
connection-specific suffix.

**Victor S.**

OK. I understand now. It will definitely help in some situations but I'm
still hoping to find a way to have Vista bypass appending the primary DNS
suffix to lookups but still use the connection-specific DNS suffix. Your
response will work around the last of the situations that have come up, but
if I can replace all of the workarounds with one solution (one that is
easier on the users), I would prefer that.

Thanks,

Victor

"Kerry Brown" *a*m wrote in message
...
If a name exists in the hosts file DNS is never used to resolve the name.
You would create entries like this:

192.168.2.1 servername
192.168.2.1 servername.domain.com

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
I'm not sure which servers you are suggesting should be added to the
hosts file or how it might prevent the primary DNS suffix from being
appended. In any case, almost everything uses internal IP addresses.
Those servers that do use external IP addresses are not a problem since
the FQDN for them is always specified.

If you can think of a way that your recommendation can be modified to
prevent the appending of the primary DNS suffix when using internal IP
address, please let me know. Any other suggestions would also be
appreciated.

**Kerry Brown**

If your Active Directory domain name is the same as the public domain name
some one else has registered I don't think you will find one solution that
works in all cases. Even when you own the public domain name, having the
same AD domain name and public name is hard to manage for laptops that
travel outside the domain. If you do find a solution please post back with
how you did it.

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
OK. I understand now. It will definitely help in some situations but I'm
still hoping to find a way to have Vista bypass appending the primary DNS
suffix to lookups but still use the connection-specific DNS suffix. Your
response will work around the last of the situations that have come up,
but if I can replace all of the workarounds with one solution (one that is
easier on the users), I would prefer that.

Thanks,

Victor

"Kerry Brown" *a*m wrote in message
...
If a name exists in the hosts file DNS is never used to resolve the name.
You would create entries like this:

192.168.2.1 servername
192.168.2.1 servername.domain.com

--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
http://vistahelpca.blogspot.com/

"Victor S." wrote in message
...
I'm not sure which servers you are suggesting should be added to the
hosts file or how it might prevent the primary DNS suffix from being
appended. In any case, almost everything uses internal IP addresses.
Those servers that do use external IP addresses are not a problem since
the FQDN for them is always specified.

If you can think of a way that your recommendation can be modified to
prevent the appending of the primary DNS suffix when using internal IP
address, please let me know. Any other suggestions would also be
appreciated.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode