I am not sure how all these are linked up, but right now my PC is joined to my company AD domain at "whatever.local".

I am pretty sure that "whatever.local" is not resolvable in the public network.

Q1) So thinking back, when I bring my laptop home, using my home internet, how did the OS connect to the AD when "whatever.local" cannot be resolved by public DNS?

Q2) Why/how come, when specifying the AD domain/username when logging in, I do not need to specify the full AD domain name as in "whatever.local\username"? All I need is "whatever\username".

Hope some gurus can shed some light,

Regards, Noob

Noob
  • Please see [this question](http://serverfault.com/questions/61191/what-happens-when-a-computer-joins-an-active-directory-domain). You might also want to look up internal DNS, perhaps DHCP and how to join computers to domains. I think however your question is probably too broad and too basic to get a good answer here. – Reaces Oct 19 '15 at 11:32

1 Answer

So, in a domain environment, the whatever.local DNS zone is held on a domain server (or other DNS server) and the SRV record for the domain is held in there.

Normally DHCP will allocate the client a DNS server or two. This will then automatically look for the SRV record and pass the logon request to the domain controller.

When at home, if you log on with domain credentials, the logon client uses cached credentials and the DHCP will allocate a local DNS server to the client, and so you get local and internet name resolution (normally).

If you have a work environment that uses DirectAccess, then you will be able to use that to connect directly to your domain's internal resources.

TheCleaner
Ed Baker
  • Sorry for the late reply. Does that mean the reason I am able to log in to the domain when I am at home is the cached credentials? Are you also able to explain why, in the office, when logging in as a domain user, I do not have to specify the ".local" (e.g. company.local)? I just need to log in as company\user, without the "local". – Noob Oct 25 '15 at 05:44
  • So, at home you are not logging in to the domain, but logging in to the PC with domain credentials. Without a VPN or DirectAccess, you have no domain access, just local PC access. The *.local issue is different: by logging in with domain\user credentials you get the same result as logging in as user@domain.local; the local part is just the top level of the fully qualified domain name. This is referred to as a user principal name and can be changed in the domain tool, AD Users and Computers, if there are multiple domains in the environment. Don't forget to mark this as the answer if it helps. – Ed Baker Oct 26 '15 at 05:55
  • Thanks for the reply. Can you elaborate further on logging in without the .local portion? How does the DNS know that it is actually referring to "company.local" when trying to resolve an SRV record? Is the .local auto-appended? – Noob Oct 28 '15 at 08:03
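
A read-only check of the points discussed in this thread, as an added PowerShell example (not from the original posts): it asks the DNS servers of the current network for the domain's DC locator SRV record, reads the cached-logon limit, and shows the short and DNS forms of the domain name held for the session. The `_ldap._tcp.dc._msdcs` record name and the `CachedLogonsCount` registry value are standard Windows names that the thread itself does not mention; the script assumes a domain-joined Windows client.

```powershell
# Added example, not from the thread. Reads state only; changes nothing.
# Assumption: domain-joined Windows client with the DnsClient module (Windows 8 / Server 2012 or later).

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    Write-Output 'This machine is not joined to a domain.'
    return
}

$dnsDomain = $cs.Domain                          # DNS name of the domain, e.g. whatever.local
$srvName   = "_ldap._tcp.dc._msdcs.$dnsDomain"   # SRV record clients use to locate a domain controller

# DNS servers handed out on the current network (office DHCP vs. home router)
$dnsServers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
    Select-Object -Unique

# 1. Can those DNS servers resolve the SRV record? -DnsOnly skips LLMNR/NetBIOS fallback.
$dcTargets   = @()
$lookupError = $null
try {
    $dcTargets = @(Resolve-DnsName -Name $srvName -Type SRV -DnsOnly -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' } |
        Sort-Object Priority, Weight |
        ForEach-Object { "$($_.NameTarget):$($_.Port)" })
} catch {
    $lookupError = $_.Exception.Message
}
$dcFound = $dcTargets.Count -gt 0

# 2. How many previous domain logons may be cached for offline use?
#    A missing value means the OS default applies (assumption: no policy has set it).
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$cached   = (Get-ItemProperty -Path $winlogon -Name CachedLogonsCount `
                -ErrorAction SilentlyContinue).CachedLogonsCount

# Heuristic only: no SRV answer means no domain controller could be located by DNS.
$verdict = if ($dcFound) { 'Domain controller located through DNS' }
           else          { 'No domain controller located; logon relies on cached credentials' }

# 3. One summary object, including both forms of the domain name for this session
[pscustomobject]@{
    DnsServersInUse   = $dnsServers -join ', '
    DomainDnsName     = $dnsDomain
    SessionDomain     = $env:USERDOMAIN        # short name, as typed in DOMAIN\user
    SessionDnsDomain  = $env:USERDNSDOMAIN     # DNS name, as used in user@domain
    SrvRecordQueried  = $srvName
    DomainControllers = $dcTargets -join ', '
    LookupError       = $lookupError
    CachedLogonsCount = $cached
    Verdict           = $verdict
}
```

Run it once on the office network and once at home: the `DnsServersInUse`, `DomainControllers` and `Verdict` fields show the difference the answer describes. `CachedLogonsCount` is worth reviewing on laptops, since it bounds how many users' cached verifiers are stored on a device that leaves the building.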