Hi,

I find that I often can't ping machines (%Computer%) in a different domain
than mine that are on the same VPN. However, I most often can ping their
FQDN (%Computer%.%UserDNSname%).

There is no trust relationship between the domains and the only thing in
common is they're on the same VPN and I use the same credentials (UserName,
password) to log on to either domain.

I have a stub-zone DNS entry for the other Domain in my domain's DNS server.
What else do I need to make this more reliable?
---
Bob

Read inline please.

In news:%23vZy7xCrHHA.3924@TK2MSFTNGP04.phx.gbl,
Bob <86c6c2e6-2146512712@news.postalias> typed:
> Hi,
>
> I find that I often can't ping machines (%Computer%) in a different
> domain than mine that are on the same VPN. However, I most often can
> ping their FQDN (%Computer%.%UserDNSname%).
>
> There is no trust relationship between the domains and the only thing
> in common is they're on the same VPN and I use the same credentials
> (UserName, password) to log on to either domain.
>
> I have a stub-zone DNS entry for the other Domain in my domain's DNS
> server. What else do I need to make this more reliable?

DNS is unable to resolve single-label host names because they do not have a
DNS hierarchy. It is the responsibly of the client or client software to see
only DNS names to a DNS Server by appending non-FQDNs with a domain suffix
where the records are located.
If you want to access resources in the remote domain by only their NetBIOS
name, you will need to add the remote domain to the DNS Suffix search list,
use WINS, or use the hosts file.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Hello Bob,

Thank you for using newsgroup!

I'd like to thanks Kevin for his kindly input and information sharing.

Thanks & Regards,

Ken Zhao

Microsoft Online Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
================================================== ==
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
================================================== ==
This posting is provided "AS IS" with no warranties, and confers no rights.





--------------------
| Reply-To: "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US>
| From: "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US>
| References: <#vZy7xCrHHA.3924@TK2MSFTNGP04.phx.gbl>
| Subject: Re: ping ComputerName often fails
| Date: Mon, 11 Jun 2007 09:04:47 -0500
| Lines: 52
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
| Message-ID: <O$4y5FDrHHA.4984@TK2MSFTNGP03.phx.gbl>
| Newsgroups: microsoft.public.windows.server.dns
| NNTP-Posting-Host: ns2.lonestaramerica.com 65.65.91.210
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSF TNGP03.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.dns:3504
| X-Tomcat-NG: microsoft.public.windows.server.dns
|
| Read inline please.
|
| In news:%23vZy7xCrHHA.3924@TK2MSFTNGP04.phx.gbl,
| Bob <86c6c2e6-2146512712@news.postalias> typed:
| > Hi,
| >
| > I find that I often can't ping machines (%Computer%) in a different
| > domain than mine that are on the same VPN. However, I most often can
| > ping their FQDN (%Computer%.%UserDNSname%).
| >
| > There is no trust relationship between the domains and the only thing
| > in common is they're on the same VPN and I use the same credentials
| > (UserName, password) to log on to either domain.
| >
| > I have a stub-zone DNS entry for the other Domain in my domain's DNS
| > server. What else do I need to make this more reliable?
|
| DNS is unable to resolve single-label host names because they do not have
a
| DNS hierarchy. It is the responsibly of the client or client software to
see
| only DNS names to a DNS Server by appending non-FQDNs with a domain
suffix
| where the records are located.
| If you want to access resources in the remote domain by only their
NetBIOS
| name, you will need to add the remote domain to the DNS Suffix search
list,
| use WINS, or use the hosts file.
|
|
|
| --
| Best regards,
| Kevin D. Goodknecht Sr. [MVP]
| Hope This s
|
| ===================================
| When responding to posts, please "Reply to Group"
| via your newsreader so that others may learn and
| benefit from your issue, to respond directly to
| me remove the nospam. from my email address.
| ===================================
| http://www.lonestaramerica.com/
| http://support.wftx.us/
| http://message.wftx.us/
| ===================================
| Use Outlook Express?... Get OE_Quotefix:
| It will strip signature out and more
| http://home.in.tum.de/~jain/software/oe-quotefix/
| ===================================
| Keep a back up of your OE settings and folders
| with OEBackup:
| http://www.oe.com/OEBackup/Default.aspx
| ===================================
|
|
|

Hi,

Better add the domain name in your host entry. Then u may solve it seems. I
faced similar problem in same domain and i do the same step, then it was ok.

""Ken Zhao [MSFT]"" wrote:

> Hello Bob,
>
> Thank you for using newsgroup!
>
> I'd like to thanks Kevin for his kindly input and information sharing.
>
> Thanks & Regards,
>
> Ken Zhao
>
> Microsoft Online Support
> Microsoft Global Technical Support Center
>
> Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
> ================================================== ==
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> ================================================== ==
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
>
>
> --------------------
> | Reply-To: "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US>
> | From: "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US>
> | References: <#vZy7xCrHHA.3924@TK2MSFTNGP04.phx.gbl>
> | Subject: Re: ping ComputerName often fails
> | Date: Mon, 11 Jun 2007 09:04:47 -0500
> | Lines: 52
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
> | Message-ID: <O$4y5FDrHHA.4984@TK2MSFTNGP03.phx.gbl>
> | Newsgroups: microsoft.public.windows.server.dns
> | NNTP-Posting-Host: ns2.lonestaramerica.com 65.65.91.210
> | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSF TNGP03.phx.gbl
> | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.dns:3504
> | X-Tomcat-NG: microsoft.public.windows.server.dns
> |
> | Read inline please.
> |
> | In news:%23vZy7xCrHHA.3924@TK2MSFTNGP04.phx.gbl,
> | Bob <86c6c2e6-2146512712@news.postalias> typed:
> | > Hi,
> | >
> | > I find that I often can't ping machines (%Computer%) in a different
> | > domain than mine that are on the same VPN. However, I most often can
> | > ping their FQDN (%Computer%.%UserDNSname%).
> | >
> | > There is no trust relationship between the domains and the only thing
> | > in common is they're on the same VPN and I use the same credentials
> | > (UserName, password) to log on to either domain.
> | >
> | > I have a stub-zone DNS entry for the other Domain in my domain's DNS
> | > server. What else do I need to make this more reliable?
> |
> | DNS is unable to resolve single-label host names because they do not have
> a
> | DNS hierarchy. It is the responsibly of the client or client software to
> see
> | only DNS names to a DNS Server by appending non-FQDNs with a domain
> suffix
> | where the records are located.
> | If you want to access resources in the remote domain by only their
> NetBIOS
> | name, you will need to add the remote domain to the DNS Suffix search
> list,
> | use WINS, or use the hosts file.
> |
> |
> |
> | --
> | Best regards,
> | Kevin D. Goodknecht Sr. [MVP]
> | Hope This s
> |
> | ===================================
> | When responding to posts, please "Reply to Group"
> | via your newsreader so that others may learn and
> | benefit from your issue, to respond directly to
> | me remove the nospam. from my email address.
> | ===================================
> | http://www.lonestaramerica.com/
> | http://support.wftx.us/
> | http://message.wftx.us/
> | ===================================
> | Use Outlook Express?... Get OE_Quotefix:
> | It will strip signature out and more
> | http://home.in.tum.de/~jain/software/oe-quotefix/
> | ===================================
> | Keep a back up of your OE settings and folders
> | with OEBackup:
> | http://www.oe.com/OEBackup/Default.aspx
> | ===================================
> |
> |
> |
>
>

Hi Kevin,

I think the times that pinging the computer name (NetBIOS name) works for me
is when the Flexible Single Master Operations Role (FSMO) DC is found.

I don't have WINS installed. I don't think I've a DNS Suffix search list
created, and I haven't yet looked up what a "hosts file" is, but I suspect I
don't have it.

Anyway, could the availablity of the FSMO Domain Controller be the reason
why I find its NetBIOS name on occassion?

Thanks for all the info!

Read inline please.

In news:eZxCTzRrHHA.1208@TK2MSFTNGP02.phx.gbl,
Bob <86c6c2e6-2146512712@news.postalias> typed:
> Hi Kevin,
>
> I think the times that pinging the computer name (NetBIOS name) works
> for me is when the Flexible Single Master Operations Role (FSMO) DC
> is found.

No, the FSMO roles have nothing to do with NetBIOS name resolution.

>
> I don't have WINS installed. I don't think I've a DNS Suffix search
> list created, and I haven't yet looked up what a "hosts file" is, but
> I suspect I don't have it.

By default the Primary DNS Suffix and Connection Specific DNS suffix are
added the DNS suffix search list. (Check your ipconfig /all)
The hosts file is a text based file located in the
%systemroot%\system32\drivers\etc directory, it has no file extension, it is
simply named hosts and can be edited to add hosts that required special name
resolution

That said, I typically don't use hosts files anymore because it can be an
administration nightmare. It is much easier to add records to the DNS zone
named in the DNS suffix search list.
In your case, since you have more than on DNS namespace to search, i.e.
domain1.com and domain2.com you should add both suffixes to the list, having
stub zones or any other zones won't be enough. You have to add those domains
to the DNS suffix search list. If you have an AD environment, as I suspect,
you can do this in a group policy here:
Default Domain Policy
Computer Configuration
-Administrative templates
-Network
DNS Client- DNS Suffix search List

>
> Anyway, could the availablity of the FSMO Domain Controller be the
> reason why I find its NetBIOS name on occassion?

No.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Okay, I understand it a little better now.

I added the two remote domains to my "DNS suffix search list" via GPO. I
rebooted the machine and they are now part of it (as displayed in ipconfig
/all). I did not add my domain to the GPO and I can see my "DNS suffix
search list" no longer has a reference to it. I can ping my local machines
just fine (for now anyway!).

I presume I don't need to add my own domain to the "DNS suffix search list"
because it is displayed in ipconfig /all as "Primary Dns suffix" (and some
machines, not all, also display my domain in the "Connection-specific DNS
suffix" also. Some machines have no entry for Connection-specific DNS
suffix", but they all have "Primary Dns suffix" and also the GPO controlled
"DNS suffix search list".

I presume having a blank "Connection-specific DNS suffix" is not a problem?

btw I have no other GPO setting in the:
Computer Configuration
-Administrative templates
-Network
DNS Client

Thanks!

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:uI0lsdTrHHA.1200@TK2MSFTNGP04.phx.gbl...
> Read inline please.
>
> In news:eZxCTzRrHHA.1208@TK2MSFTNGP02.phx.gbl,
> Bob <86c6c2e6-2146512712@news.postalias> typed:
>> Hi Kevin,
>>
>> I think the times that pinging the computer name (NetBIOS name) works
>> for me is when the Flexible Single Master Operations Role (FSMO) DC
>> is found.
>
> No, the FSMO roles have nothing to do with NetBIOS name resolution.
>
>>
>> I don't have WINS installed. I don't think I've a DNS Suffix search
>> list created, and I haven't yet looked up what a "hosts file" is, but
>> I suspect I don't have it.
>
> By default the Primary DNS Suffix and Connection Specific DNS suffix are
> added the DNS suffix search list. (Check your ipconfig /all)
> The hosts file is a text based file located in the
> %systemroot%\system32\drivers\etc directory, it has no file extension, it
> is
> simply named hosts and can be edited to add hosts that required special
> name
> resolution
>
> That said, I typically don't use hosts files anymore because it can be an
> administration nightmare. It is much easier to add records to the DNS zone
> named in the DNS suffix search list.
> In your case, since you have more than on DNS namespace to search, i.e.
> domain1.com and domain2.com you should add both suffixes to the list,
> having
> stub zones or any other zones won't be enough. You have to add those
> domains
> to the DNS suffix search list. If you have an AD environment, as I
> suspect,
> you can do this in a group policy here:
> Default Domain Policy
> Computer Configuration
> -Administrative templates
> -Network
> DNS Client- DNS Suffix search List
>
>>
>> Anyway, could the availablity of the FSMO Domain Controller be the
>> reason why I find its NetBIOS name on occassion?
>
> No.
>
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This s
>
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oe.com/OEBackup/Default.aspx
> ===================================
>
>

Oh well, that was short lived.

One of my local workstations could no longer find the local domain. I guess
that means I should list the Primary DNS Suffix as the first choice in my
GPO for DNS suffix search list. I did that and now all works great! (I
hope!).

Thanks Kevin for all your !