No announcement yet.

DNS Suffixes

  • Filter
  • Time
  • Show
Clear All
new posts

  • DNS Suffixes

    Hi! Hope someone can help. I took over a domain and noticed that on their Default Domain Policy they have 2 settings turned on in group policy for

    DNS Suffix Search List
    Primary DNS Suffix.

    I am having a user who is having trouble connecting into another VPN system because of this suffix listed and i can't overide the default domain policy with a LGP. So my solution was going to be to take it off and create a new blank policy with the suffix settings entered in so I can exlude their computer but honestly thinking about it DO i even need anything listed for this in group policy? We have only 1 domain name no child domains and i cant see what the point of these enteries would have. Any advise?

  • #2
    Re: DNS Suffixes

    Generally speaking you shouldn't need it as long as DHCP is handing out the proper DNS suffix. Then it would be dynamic for the clients and wouldn't be enforced by policy.

    If your one domain is the only one listed in the search list then I would think it's safe to remove it.

    Network Consultant/Engineer
    Baltimore - Washington area and beyond


    • #3
      Re: DNS Suffixes

      Sounds like you can get rid of them.
      The suffixes would only be needed if you had users/apps that referenced servers by their host names only but where they were on different domains (any server on your internal domain would be fine as that suffix gets appended automatically). I guess only you can tell based on what is actually in there but most likely you don't need them.


      Please read this before you post:

      Quis custodiet ipsos custodes?


      • #4
        Re: DNS Suffixes

        Thanks for the info. I made a OU and blocked all GPOS from it. Took a few random computers from different departments and I am watching to see if anyone has an issue but I agree with both of you I can get rid of them.

        Thank you!