Weird non-domain joined DNS query results vs. domain joined

Question

question

Traveler856-1947 asked Mar 13, '21 SunnyQi-MSFT commented Mar 23, '21

Weird non-domain joined DNS query results vs. domain joined

I just setup a WS2019 lab, which has two DCs with integrated DNS. I have forward and reverse lookup zones for both of my networks. The domain is "lab.local". If I run nslookup queries on either DC, using the short name or FQDN, I get the expected DNS results. However, what I can't explain is what happens on a non-domain joined Windows 10 computer, or a Mac.

Both the non-domain joined Win10 PC and Mac are pointed to the lab.local DNS server IP addresses. If on the PC/Mac I execute 'nslookup addc01.lab.local' I get:

C:\Users\DS>nslookup addc01.lab.local
Server: UnKnown
Address: 172.26.13.10

*** UnKnown can't find addc01.lab.local: Non-existent domain

But as I mentioned earlier, running that same FQDN nslookup on either DC gives me the proper result. If I 'force' nslookup to query my lab DCs, I still get the same failed result:

C:\Users\DS>nslookup addc01.lab.local 172.26.13.10
Server: UnKnown
Address: 172.26.13.10

*** UnKnown can't find addc01.lab.local: No response from server

and running that from a lab DC:

C:\Users\Administrator>nslookup addc01.lab.local 172.26.13.10
Server: ADDC01.lab.local
Address: 172.26.13.10

Name: addc01.lab.local
Address: 172.26.13.10

I've setup dozens of lab DCs like these before, and never had such inconsistent DNS resolution for non-domain joined computers. Any ideas?

I should mention the PC/Mac are on a different LAN network from the DCs (10.13.2.x). I provisioned a dummy WS2019 VM on the same network as the DCs (not domain joined), and the nslookup queries DO behave as I would expect (i.e they work).

windows-dhcp-dns

· 3

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SunnyQi-MSFT · Mar 15, 2021 at 05:34 AM

This is a quick note to let you know that I am currently performing research on this issue and will get back to you as soon as possible. I appreciate your patience.
If you have any updates during this process, please feel free to let me know.

0 ·

SunnyQi-MSFT · Mar 18, 2021 at 09:49 AM

Hi,

Just want to confirm the current situations.

Please feel free to let us know if you need further assistance.

Best Regards,
Sunny

0 ·

SunnyQi-MSFT · Mar 23, 2021 at 08:55 AM

Hi,

Just want to confirm the current situations.

Please feel free to let us know if you need further assistance.

Best Regards,
Sunny

0 ·

Answer 1 · 2021-03-15T07:38:09.57Z

SunnyQi-MSFT answered Mar 15, '21

Hi,

Thanks for posting in Q&A platform.

Based on provided information, my understanding is that addc01.lab.local is your DC&DNS server. When you run nslookup addc01 from windows client, you will get the expected result from DNS server. But when you run nslookup addc01.lab.local, you just get the error and the FQDN cannot be resolved to IP address. Please correct me if my understanding is wrong.

Meanwhile, I noticed that you mentioned that the windows client is on a different LAN network from the DCs (10.13.2.x). May I know if the client is on the same subnet or different subnet with DC?

Please help provide screenshots of result of ipconfig /all of your windows client and the result of nslookup addc01 for further troubleshooting.

Please kindly note that this forum is a public forum that everyone can view this thread, when you post the required screenshots please remove your private information.

Best Regards,
Sunny

If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question