gushi: (Default)

I think it's pretty safe to talk about this publicly.

I just discovered something obnoxious in the course of my day.

Most unix machines have a "hostname", and this "hostname" includes a "domain". When your hostname is stated with your domain, it is said to be your "fully qualified domain name". For example, "prime.gushi.org", or "bitsy.mit.edu".

This is all well and proper. This is the way it has been in the unix world since TCP was invented. A computer knows its first and last name, and it corresponds with the name that systems use to look you up with, in protocols like the DNS.

Now, with Microsoft OSes, machines normally get their "domain name" by joining an Active Directory Domain. For example, in company.com, they may designate "ad.company.com" to be the Active Directory domain. Note carefully that this also sets something in Windows called your "primary dns suffix", which means "the domain part of your hostname".

Normally, the procedure involved in setting this thing manually involves digging rather deeply into the system control panel, going to the "Computer Name" tab, clicking the "More" button, and setting it.

Now, here's the annoying thing I recently discovered:

I recently decided to run a very-tight box to only serve one thing: DNS (running my job's software). Thus, knowing that I'd never share any files, never want to connect to any servers to grab files, I uninstalled "Client for Microsoft Networks" and "File and Printer Sharing for Microsoft Networks".

What I then discovered was this:

After uninstalling these components, the "More" button in the Computer Name field disappears!!! Unless you have "Client for Microsoft Networks", your machine CANNOT POSSIBLY be configured with a fully-qualified domain name. Worse still is that Windows machine names cannot include dots.

Note carefully that some other programs use this value. Some mail servers even DEPEND on it being set to something real.

Does Microsoft POSSIBLY think that the only thing that requires an FQDN is their own SMB networking stack?

Configuring a DNS search path is also done per-connection, as opposed to globally. How does that work? If I'm at a command prompt and type "ping foo", it doesn't ask me which network interface I want to use (although ostensibly the one that has my default gateway would be the primary one). It's still a kludge.

Now, I'd be a lot more angry if this actually stopped me from doing anything; this is purely a semantic issue, but hey, I work in the DNS field, I'm allowed to be a pedant about this.


Page generated Jul. 22nd, 2017 04:48 pm