Sonicwall VPN issues - New Domain Controller


I am having an odd issue, and I can't pinpoint the issue. Right now, we are using a SonicWall and use SSL-VPN for our clients to remote in and browse files and/or remote desktop. The issue is, you have to use the FQDN to access their desktops now. This hasn't been the case until about a week ago, when I added a new DC in the domain. I'm not sure if that has anything to do with it.

I've tried using the old DC/DNS server in the SonicWall to see if that would help, but no dice. Running down to figure out what is causing this is crazy. When I'm on the LAN, I can get to anything without using the FQDN. Any help or suggestions will be greatly appreciated.

Link to comment

How were they getting to it before? Why/when would you use anything other than FQDN or IP? So you're saying they put in hostname and expect to resolve that to an IP?

You could resolve that via client auto adding domain to that, i.e. your suffix search, etc., where client actually queries DNS for hostname.domain.tld even though you only put in hostname.

Or you would have to broadcast for that, or you would have to be running WINS, or client would have to have a hosts file pointing that hostname to an IP, etc.

Not using FQDN is BAD BAD practice.

Link to comment

Thanks for the reply. I thought using just the hostname was the norm. Thanks for catching me up to speed, and I'll start following that practice. I do find it odd how it just stopped working, most likely right after I put a new DC in, and it's the first 2012 DC we have.

Link to comment

And just for me to learn: why is not using FQDN a bad practice? I'm just curious.

Link to comment

Because how are you supposed to resolve host? As I stated, the only way is either suffix search, or broadcast, or WINS. So while broadcast might work if your host is on the same segment as you, it doesn't work if not on the same segment.

Who runs WINS anymore?

What if your suffix search is not right, or you want to resolve a host in a different domain? If you rely on just your suffix search to find the correct host for you, you might get the wrong host.

When you rely on suffix search you normally send out way more queries than you need to, as the client is going to try everything in the suffix search.

So let's say your suffix is site.country.domain.tld

And you're looking for host.domain.tld, you will query host.site.country.domain.tld, host.country.domain.tld, host.domain.tld - when if you would have used FQDN from the get-go you would only have done 1 query.

It's always better to ask direct question for sure what you want, not hoping that the system resolver works out what you want. If you know you want to go to host.domain.tld, why are you putting in just host, other than pure laziness?

Link to comment
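
The suffix-search behaviour described in the reply above, as an added example that is not part of the original thread: a small model of how a short name is expanded against the suffix site.country.domain.tld, and how the first match can be a different host than the one intended. The record table, the addresses and the `min_labels` stopping point are constructed assumptions, and treating any dotted name as already fully qualified is a simplification.

```python
"""Model of suffix-search expansion for a short hostname (constructed example)."""


def candidate_queries(name, suffix, min_labels=2):
    """Return the names a client would query, in order, for `name`.

    A name containing a dot is treated as fully qualified (simplification).
    A single-label name is appended to `suffix`, then to each parent of
    `suffix`, stopping once the suffix has fewer than `min_labels` labels
    (assumed stopping point, so the bare TLD is never tried).
    """
    if "." in name:
        return [name.rstrip(".")]
    labels = suffix.strip(".").split(".")
    queries = []
    while len(labels) >= min_labels:
        queries.append(name + "." + ".".join(labels))
        labels = labels[1:]  # drop the leftmost label and try the parent
    return queries


def resolve(name, suffix, records):
    """Try each candidate against `records`.

    Returns (matched_name, address, queries_sent); matched_name is None
    when nothing resolves.
    """
    sent = 0
    for fqdn in candidate_queries(name, suffix):
        sent += 1
        if fqdn in records:
            return fqdn, records[fqdn], sent
    return None, None, sent


# Constructed records: the intended host, plus a same-named host that
# happens to exist one level down in the suffix path.
RECORDS = {
    "host.domain.tld": "192.0.2.10",
    "host.country.domain.tld": "192.0.2.99",
}

if __name__ == "__main__":
    for query in ("host", "host.domain.tld"):
        print(query, "->", resolve(query, "site.country.domain.tld", RECORDS))
```

With these records, the short name stops at host.country.domain.tld after two queries, while the FQDN reaches host.domain.tld in one.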

Thank you very much, Budman. 

Link to comment