I’m finally back online after being on vacation for a couple of weeks following my second daughter’s birth. If you follow me on Twitter or FaceBook you know that Emily Grace Adams was born 11/4/2009 @ 1:46pm. She weighed 6lbs 9oz and was 18″ long. She is very healthy and doing extremely well. I can’t thank my wife Jennifer enough for the sacrifices she has made for our family. She is an amazing and inspiring woman that I’m proud I can call my wife.
I guess it is now back to work and the real world, but at least the holidays are upon us. Here our some pictures of our new daughter.
If you have ever worked in a company with a split DNS name space or one that has gone through a merger, you have probably dealt with the DNS suffix search list. This list allows a user to put “companyweburl” in their browser address and it actually resolve. This works because Windows will cycle through the DNS suffix search list appending each suffix to what was typed into the address bar until it finds a site. If the list contains contoso.com and litware.com then the OS will attempt companyweburl.contoso.com first. If it gets a response from that site then off you go. If it does not then it tries companyweburl.litware.com.
To set the suffix search list, open the properties of your network connection and then open the TCP/IP properties. Now click Advanced and go to the DNS tab. Here you can set your suffix list as shown.
DNS Suffix Search List
There are two other places you can view your current suffix search list. The first is by opening a command prompt and typing in “ipconfig /all”. The second is in the registry and can be found in this location:
In a large environment making this change on all the clients can be daunting, but there are several solutions. I won’t go into all the solutions, but VBScript or PowerShell scripts being deployed through domain group policy or user logons are good ones. The most obvious solution is to just make the change by deploying a domain group policy. This method has a catch in that it sets itself in a different registry key than if you set it locally through the GUI. If a GPO pushes the setting then it takes precedence over the local configuration, but you can still set it in the GUI. This makes you think you are changing it when you really are not. This is a field engineer troubleshooting disaster. The only good news is that an “ipconfig /all” will show what is actively being used. Deploying this setting with a GPO puts its changes in the registry in the following location:
It should be noted that this setting is only available in GPOs where AD is running Windows Server 2003 or greater. Here is the path where you can find the setting in a GPO.
Computer Configuration → Policies(If you’re running Windows Server 2008) → Administrative Templates → Network → DNS Client → DNS Suffix Search List
Here is an example. A GPO has been deployed to Machine1 setting the DNS Suffix Search List to “contoso.com”. On the top you can see that “litware.com” is the only suffix set in the GUI. On the bottom you can see from an “ipconfig /all” that the suffix search list only has “contoso.com”
DNS Suffix Search List in the GUI
- Actual Current DNS Suffix
As you can imagine, there is bound to be a very frustrated desktop engineer. Since the GPO and GUI put their settings in different registry keys you never see the GPO settings in the GUI. For this reason I would warn against using this GPO setting. I recommend the following work around solutions.
- VBScript or PowerShell deployed via logon script
- VBScript or PowerShell deployed via GPO startup or logon script
- GPO using a direct registry change to the local GUI registry key
I finally decided to get on the blogging band wagon. I started this blog for two reasons. First and foremost is personal career development, and second is to keep an archive. I want to send a special thanks to Brent Ozar (@BrentO on Twitter) for his excellent blog on how to get started blogging. If you are thinking about starting your own blog I highly recommend you read his article HERE.