Overview
In GFI LanGuard, custom remediation and other options that rely on pinging a machine by hostname (without the Fully Qualified Domain Name or FQDN) may fail for machines located in a different domain than the LanGuard server. The failure occurs because the LanGuard server cannot resolve the short hostname of a machine in another domain. Proper DNS configuration is essential to resolve hostnames across separate domains.
Solution
To fix the hostname resolution issues for machines in a different domain, follow these steps:
1. Add a New Zone in DNS
- Open DNS Manager on the server.
- Right-click Forward Lookup Zones and select New Zone.
- Follow the setup wizard, accepting the default settings.
- When prompted for the zone name, enter the domain of the machines that are in the separate domain.
2. Add Host Records
- Right-click the newly created zone and select New Host.
- Fill in the required host details such as the hostname and IP address.
- Ensure that the option to create the associated PTR record is checked to allow reverse DNS lookups.
3. Configure DNS Settings on the LanGuard Server
Open Network Settings:
- Go to Control Panel > Network and Sharing Center.
- Select Change adapter settings from the left-hand panel.
Edit Adapter Settings:
- Right-click the network adapter in use and click Properties.
- Highlight Internet Protocol Version 4 (TCP/IPv4) and select Properties.
Configure Advanced DNS Settings:
- Click the Advanced button, and go to the DNS tab.
- Under DNS suffix search list, select Append these DNS suffixes (in order).
- Add the domains that need to be resolved. The DNS lookup will check the first domain, and if no match is found, it will move down the list sequentially.
4. Apply DNS Settings and Refresh
- Click OK to save the settings and apply the changes.
- Open an elevated command prompt and run the following command to flush the DNS cache:
ipconfig /flushdns
This process ensures that the LanGuard server can resolve hostnames across different domains, preventing failures during custom remediation tasks.
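The following PowerShell script is an added example, not part of the original GFI article. It applies the equivalent of steps 3 and 4 and then checks, for each short hostname, which suffix answers and whether the PTR record from step 2 matches. The domain names, hostnames and the Test-ShortNameResolution function are constructed placeholders; replace them with your own values.

```powershell
# Run elevated on the LanGuard server. Domains and hostnames are constructed placeholders.
$SuffixList = @('corp.example', 'branch.example')   # order = lookup order
$ShortNames = @('ws-014', 'srv-db01')               # machines targeted by short name

# Step 3 equivalent: "Append these DNS suffixes (in order)". Replaces the existing list.
Set-DnsClientGlobalSetting -SuffixSearchList $SuffixList
# Step 4 equivalent of ipconfig /flushdns
Clear-DnsClientCache

function Test-ShortNameResolution {
    param([string]$Name, [string[]]$Suffixes)
    # Query each suffix explicitly so a name present in more than one zone is visible.
    $hits = @(foreach ($suffix in $Suffixes) {
        $fqdn = "$Name.$suffix"
        $a = Resolve-DnsName -Name $fqdn -Type A -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' } | Select-Object -First 1
        if ($a) {
            # Reverse lookup confirms the PTR record requested in step 2 exists.
            $ptr = Resolve-DnsName -Name $a.IPAddress -Type PTR -DnsOnly -ErrorAction SilentlyContinue |
                Where-Object { $_.Type -eq 'PTR' } | Select-Object -First 1
            [pscustomobject]@{ Fqdn = $fqdn; IP = $a.IPAddress; Ptr = $ptr.NameHost }
        }
    })
    if ($hits.Count -eq 0) { $status = 'UNRESOLVED' }
    elseif ($hits.Count -gt 1) { $status = 'AMBIGUOUS' }
    elseif ($hits[0].Ptr -ne $hits[0].Fqdn) { $status = 'PTR_MISMATCH' }
    else { $status = 'OK' }
    $first = $hits | Select-Object -First 1   # first match in suffix order
    [pscustomobject]@{
        ShortName  = $Name
        Status     = $status
        ResolvesTo = $first.Fqdn
        IP         = $first.IP
        AllMatches = $hits.Fqdn -join ', '
    }
}

$ShortNames | ForEach-Object { Test-ShortNameResolution -Name $_ -Suffixes $SuffixList } |
    Format-Table -AutoSize
```

A status of AMBIGUOUS means the same short name exists in more than one listed domain; because the lookup stops at the first match, a remediation task addressed by short name reaches the machine in the earlier domain, so use the FQDN for such targets or reorder the list.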