Authenticating to Shared folder fails using Private DNS Zone FQDN of server

Question

Authenticating to Shared folder fails using Private DNS Zone FQDN of server

Wes Baldwin 21

I need help understanding why accessing a shared folder using the administrator credentials fails when using the FQDN based on the Private DNS Zone domain.

Here is what happens:

I logon to CFS1 using the administrator account.
I open file explorer
I type \cfs1.sds.com\sharename where sharename is any share on CFS1 including the administrative shares such as C$, and hit enter.
A Windows Security form opens prompting "Enter network credentials". It also shows the CFS1\administrator with a text box to type the password.
I type in the correct password and hit enter.
The Windows Security form opens again and at the bottom it says "The specified network password is not correct."

If I do the same process as above but use \cfs1\sharename where sharename is any share on CFS1 including the administrative shares such as C$, it connects just fine. In this case there is no prompting for credentials.

I don't need any explanation as to why \CFS1\sharename works, but rather an explanation as to why \CFS1.sds.com\sharename fails to do so.

Additionally, the hosts file contains nothing for CFS1 or CFS1.sds.com. Also, sds.com is the Private DNS Zone object I created.

Thanks in advance
wb

Carlos Solís Salazar 18,376 Reputation points MVP

2022-09-14T16:46:54.857+00:00

is the domain "sds.com" the main domain in your Domain controller?
Wes Baldwin 21 Reputation points

2022-09-14T16:49:55.187+00:00

No. I only have a couple VMs and I am not running a domain controller.
KapilAnanth 49,876 Reputation points Moderator

2022-09-15T10:22:07.92+00:00
Hi @Wes Baldwin ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are not able to access your fileshare via the entire FQDN, however, the same works with VM's Host name.

I take it that you are trying to access the fileshare from the same VM (CFS1).
Kindly let me know if this is incorrect.

I was able to reproduce this at my end.

From my initial analysis, it appears that this is the behavior of the OS.

The OS will only have knowledge of host name as "CFS1" and not as "CFS1.sds.com"

*.sds.com is configured on the platform level and OS will not have this visibility.

This can be demonstrated using the below e.g.,

While the former user a IPV6 and the latter is using a IPV4.

The share will be expecting a connection with host CFS1 name and not with the Platform registered "CFS1.sds.com", and hence the connection is not working.

This again makes sense, as if we are to add a Host file entry such as "CFS1.randomdomain.com" pointing to this VM's IP and try to access the share via "\CFS1.randomdomain.com\sharename" would again fail.

I shall update this post should I get more details on this.

Cheers,
Kapil
Wes Baldwin 21 Reputation points

2022-09-15T13:33:23.69+00:00

Kapil,
Everything you said in your reply is correct. It seems that I will need use means other than Private DNS zones for accessing the share.

Thank you for your investigation and response
Wes
KapilAnanth 49,876 Reputation points Moderator

2022-09-15T14:03:04.79+00:00

Hi @Wes Baldwin ,

Thanks for your reply.

I shall summarize this discussion and post as an answer for the wider community.

Request you to accept the answer
Original posters help the community find answers faster by identifying the correct answer

Cheers,
Kapil

Answer accepted by question author

0 additional answers

Your answer

Carlos Solís Salazar 18,376 Reputation points MVP

2022-09-14T16:46:54.857+00:00

is the domain "sds.com" the main domain in your Domain controller?
Wes Baldwin 21 Reputation points

2022-09-14T16:49:55.187+00:00

No. I only have a couple VMs and I am not running a domain controller.
KapilAnanth 49,876 Reputation points Moderator

2022-09-15T10:22:07.92+00:00

Hi @Wes Baldwin ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are not able to access your fileshare via the entire FQDN, however, the same works with VM's Host name.

I take it that you are trying to access the fileshare from the same VM (CFS1).
Kindly let me know if this is incorrect.

I was able to reproduce this at my end.

From my initial analysis, it appears that this is the behavior of the OS.

The OS will only have knowledge of host name as "CFS1" and not as "CFS1.sds.com"

*.sds.com is configured on the platform level and OS will not have this visibility.

This can be demonstrated using the below e.g.,

While the former user a IPV6 and the latter is using a IPV4.

The share will be expecting a connection with host CFS1 name and not with the Platform registered "CFS1.sds.com", and hence the connection is not working.

This again makes sense, as if we are to add a Host file entry such as "CFS1.randomdomain.com" pointing to this VM's IP and try to access the share via "\CFS1.randomdomain.com\sharename" would again fail.

I shall update this post should I get more details on this.

Cheers,
Kapil
Wes Baldwin 21 Reputation points

2022-09-15T13:33:23.69+00:00

Kapil,
Everything you said in your reply is correct. It seems that I will need use means other than Private DNS zones for accessing the share.

Thank you for your investigation and response
Wes
KapilAnanth 49,876 Reputation points Moderator

2022-09-15T14:03:04.79+00:00

Hi @Wes Baldwin ,

Thanks for your reply.

I shall summarize this discussion and post as an answer for the wider community.

Request you to accept the answer
Original posters help the community find answers faster by identifying the correct answer

Cheers,
Kapil

Answer 1

Hi @Wes Baldwin ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are not able to access your fileshare via the entire FQDN, however, the same works with VM's Host name.

I take it that you are trying to access the fileshare from the same VM (CFS1).

I was able to reproduce this at my end.
From my initial analysis, it appears that this is the behavior of the OS.
The OS will only have knowledge of host name as "CFS1" and not as "CFS1.sds.com"
*.sds.com is configured on the platform level and OS will not have this visibility.
This can be demonstrated using the below e.g.,
While the former uses a IPV6 and the latter is using a IPV4.
The share will be expecting a connection with host CFS1 name and not with the Platform registered "CFS1.sds.com", and hence the connection is not working.
This again makes sense, as if we are to add a Host file entry such as "CFS1.randomdomain.com" pointing to this VM's IP and try to access the share via "\CFS1.randomdomain.com\sharename" would again fail.

I hope this adds additional clarification

Cheers,
Kapil

----------------------------------------------------------------------------------------------------------------

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

Share via

Authenticating to Shared folder fails using Private DNS Zone FQDN of server

0 additional answers

Your answer