How to have domain-joined PCs register their A records in a DNS sub-domain below the domain they are joined to

MikeP 21 Reputation points
2020-11-03T15:03:19.503+00:00

Trying to find out if the following scenario is possible in DNS:

I have a Windows Domain (my.ad). When the my.ad domain-joined PCs start up, they register their A records in the my.ad domain in DNS (i.e. A = pc01.my.ad). I would like them instead to only register their A record in a DNS sub-domain named site1 (A = pc01.site1.my.ad). There is no Windows subdomain created for site1.my.ad. It is only a DNS sub-domain off the my.ad DNS domain. I know I can accomplish this by changing the client's DNS suffix in the TCP configuration and then telling it to register to that DNS suffix. The issue with this is it also creates 2 PTR records in the reverse lookup zone. This causes issues because then the client system has 2 PTR records in DNS. When I do reverse lookups I randomly get one of the 2 host names. I want to only resolve the pc01.site1.my.ad hostname, though, when I do a reverse lookup against its IP.

In my ideal world I would like the client to only register an A and PTR record in the DNS domain of the DNS suffix I specified to use (site.my.ad). I know I could achieve this by creating a Windows sub-domain for site1.my.ad, but I have no need for a second/sub Windows domain from a management perspective, and that would mean creating more Domain controllers to service the sub-domain and having the clients join the sub-domain instead. I'm looking for other ways to achieve the desired outcome without building out another Windows domain.

Any help would be greatly appreciated.

Thanks,
Mike

Windows DHCP

Accepted answer
  1. Candy Luo 12,701 Reputation points Microsoft Vendor
    2020-11-04T05:59:20.887+00:00

    Hi Mike,

    "The issue with this is it also creates 2 PTR records in the reverse lookup zone. This causes issues because then the client system has 2 PTR records in DNS. When I do reverse lookups I randomly get one of the 2 host names."

    Unfortunately, this is by-design behavior for domain-joined machines, and there is no built-in way to achieve your goal directly, as in the picture below:

    [Image: 37276-image.png]

    In such a scenario, you have just two choices:

    1. The client machine does not join the domain, and you need to enable nonsecure and secure for both the forward lookup zone and the reverse lookup zone:

    [Image: 37382-image.png]

    [Image: 37317-image.png]

    2. Create a Windows sub-domain for site1.my.ad and have the clients join the sub-domain.

    Best Regards,

    Candy
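
The following audit script is an added example, not part of the original thread or of Microsoft's documentation. It checks a Windows DNS server for the two conditions discussed above: zones whose dynamic update setting is "Nonsecure and secure" (the setting option 1 relies on, under which the zone accepts updates from unauthenticated clients) and reverse-zone entries that carry more than one PTR record. The server name `dc01.my.ad` is a hypothetical placeholder; the cmdlets come from the DnsServer module in the RSAT DNS tools.

```powershell
# Added example: audit script, not code from the original thread.
param(
    [string]$DnsServer = 'dc01.my.ad'   # assumption: hypothetical DNS server name
)

Import-Module DnsServer -ErrorAction Stop

# Primary zones only, skipping the auto-created ones (0.in-addr.arpa and similar).
$zones = Get-DnsServerZone -ComputerName $DnsServer |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

# 1. Zones that accept dynamic updates without authentication.
Write-Output 'Zones allowing nonsecure dynamic updates:'
$zones |
    Where-Object { $_.DynamicUpdate -eq 'NonsecureAndSecure' } |
    Select-Object ZoneName, IsReverseLookupZone, DynamicUpdate

# 2. Reverse-zone owner names that hold more than one PTR record,
#    i.e. the IPs for which a reverse lookup can return either host name.
Write-Output 'Owner names with multiple PTR records:'
foreach ($zone in ($zones | Where-Object { $_.IsReverseLookupZone })) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer `
            -ZoneName $zone.ZoneName -RRType Ptr |
        Group-Object -Property HostName |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object {
            [pscustomobject]@{
                Zone       = $zone.ZoneName
                Owner      = $_.Name          # relative name, e.g. "15" in 1.168.192.in-addr.arpa
                PtrTargets = ($_.Group.RecordData.PtrDomainName | Sort-Object) -join ', '
                # Dynamically registered records carry a timestamp; static ones do not.
                AnyDynamic = [bool]($_.Group | Where-Object { $_.TimeStamp })
            }
        }
}
```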

