We have a DNS suffix for our domain ourdomain.local and it works whenever we have one additional DNS component e.g. test1.ourdomain.local or graphs.ourdomain.local, so that means we only have to type test1 or graphs and it will resolve correctly. However if we have remote.graphs.ourdomain.local then remote.graphs won't resolve and only remote.graphs.ourdomain.local will.
This is a Windows Server 2012R2 deployment. However, the problem seems to be client side, since Linux clients are able to resolve remote.graphs correctly, yet Windows ones are not. The Linux clients are not managed by group policy or anything, they just have manual configuration for the DNS:
options ndots:3
nameserver 192.168.123.123
nameserver 8.8.8.8
search ourdomain.local
where I believe options ndots:3 is enabling the resolution to work correctly for subdomains in Linux. I am looking for the equivalent of options ndots:3 or similar for Windows clients. What kind of configuration do I need to set in group policy to enable correct resolution?
Notes:
/etc/resolv.conf option options ndots:N is detailed here:
[...]
sets a threshold for the number of dots which must appear in a name
given to res_query(3) (see resolver(3)) before an initial absolute
query will be made. The default for n is 1, meaning that if there are
any dots in a name, the name will be tried first as an absolute name
before any search list elements are appended to it. The value for this
option is silently capped to 15.
[...]
EDIT w/ SOLUTION:
The solution consists in enabling AppendToMultiLabelName in Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient as a REG_DWORD with value 1 - this can be done locally, or if enabled through GPO via "Allow DNS Suffix Appending to Unqualified Multi-Label Name Queries" located under "Computer Configuration / Administrative Templates / Network / DNS Client".
I found the answer here (another question on serverfault)
