Hi Steve,
thanks for you reply.
I collect ping and nsllokup from 1 computer on the prod.local domain, the same of the DM, and from 1 computer on the noprod.local domain.
This is a computer from domain "prod.local"
C:\>ping wksprod-13
Pinging wksprod-13.prod.local [192.168.12.62] with 32 bytes of data:
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Ping statistics for 192.168.12.62:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>nslookup wksprod-13
Server: DOMAIN01.prod.local
Address: 192.168.11.10
Name: wksprod-13.prod.local
Address: 192.168.12.62
C:\>ping wksprod-13.prod.local
Pinging wksprod-13.prod.local [192.168.12.62] with 32 bytes of data:
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Reply from 192.168.12.62: bytes=32 time<1ms TTL=127
Ping statistics for 192.168.12.62:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>nslookup wksprod-13.prod.local
Server: DOMAIN01.prod.local
Address: 192.168.11.10
Name: wksprod-13.prod.local
Address: 192.168.12.62
This is a computer from domain "noprod.local"
C:\>ping wkscons-02
Ping request could not find host wkscons-02. Please check the name and try again.
C:\>nslookup wkscons-02
Server: DOMAIN01.prod.local
Address: 192.168.11.10
*** DOMAIN01.prod.local can't find wkscons-02: Non-existent domain
C:\>ping wkscons-02.noprod.local
Pinging wkscons-02.noprod.local [192.168.10.200] with 32 bytes of data:
Reply from 192.168.10.200: bytes=32 time<1ms TTL=127
Reply from 192.168.10.200: bytes=32 time<1ms TTL=127
Reply from 192.168.10.200: bytes=32 time<1ms TTL=127
Reply from 192.168.10.200: bytes=32 time<1ms TTL=127
Ping statistics for 192.168.10.200:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>nslookup wkscons-02.noprod.local
Server: DOMAIN01.prod.local
Address: 192.168.11.10
Name: wkscons-02.noprod.local
Address: 192.168.10.200
As you can see, for noprod computer ping and nslookup using computername is not found while it is found if using FQDN.
Thanks and regards,
Alessandro
Original Message:
Sent: May 03, 2022 07:00 AM
From: Steve Parker
Subject: Infrastructure Deploy to OU on severals AD
Hi Alessandro,
If DNS is configured correctly on the DM then you should be able to ping computers in both AD's by hostname.
In this example the two computers are in different domains, one being the same as the DM.
What do you see for ping and nslookup for both computers?
Rgds,
Steve
------------------------------
Senior Principal Engineering Solutions Architect
Broadcom
Original Message:
Sent: May 02, 2022 12:07 PM
From: Alessandro Capuzzo
Subject: Infrastructure Deploy to OU on severals AD
Hi All,
the customer has integrated his DM with 2 active directories called "PROD" and "NOPROD". These 2 AD are not trusted between them.
The dns domains are also different: ".prod.local" for AD "PROD" and ".noprod.local" for AD "NOPROD".
So for the PROD domain the FQDN of the computers is COMPUTER.prod.local, while for the computers of the NOPROD domain it is COMPUTER.noprod.local. The DM is in the AD "PROD" and its FQDN is ITCA-DM.prod.local.
He executes the deploy wizard on the OU computers of the PROD domain, the same as the DM, with success.
The problem arises when using the deployment wizard to install the Agent on the computers located in the OUs of the "NOPROD".
In fact, when the deployment wizard runs on the OU computers of the domain: "NOPROD", the result of the SCAN returns the "Unknown" status for all computers.
The dmdeploy extracts the computer names from the OU list and tries to contact them using the computer name without success.
Now the question is whether it is possible to configure the DM so that the SCAN function uses the FQDN instead of the computer name.
Thanks in advance
Alessandro