none
small and capital letters in DNS / Active Directory RRS feed

  • 질문

  • Hi all

    I've a special question related to AD and DNS - I've noticed that some of my systems are using small, and other capital letters for the computer name. Does someone has an explaination for this?

    Shall I use small or capital letters in the future? And, how could I change this for the current environment? In the registry?

    Thanks

    2010년 6월 13일 일요일 오후 3:08

답변

  • Names in AD (in fact all string attributes) are case aware, but not case sensitive. Names are saved in AD in the case originally entered, but you can find the names using any case. For example, you can bind to Administrator or administrator (or aDministRator).

    I believe you cannot change the case of names, as the change is not recognized. I believe the case of computer objects depends on how the objects are created.

    Richard Mueller


    MVP ADSI
    • 답변으로 표시됨 Bruce-Liu 2010년 6월 24일 목요일 오전 10:16
    2010년 6월 13일 일요일 오후 6:19

모든 응답

  • Names in AD (in fact all string attributes) are case aware, but not case sensitive. Names are saved in AD in the case originally entered, but you can find the names using any case. For example, you can bind to Administrator or administrator (or aDministRator).

    I believe you cannot change the case of names, as the change is not recognized. I believe the case of computer objects depends on how the objects are created.

    Richard Mueller


    MVP ADSI
    • 답변으로 표시됨 Bruce-Liu 2010년 6월 24일 목요일 오전 10:16
    2010년 6월 13일 일요일 오후 6:19
  • Hi Richard

    Thanks for your reply - the funny thing is, all computer names are "assigned" the same way. For this test I used netdom and CAPITAL letters, but the first domain controller and one member server is joined to AD with small letters - "Funny" :)

    Can I change it manually in AD using ADSI? Or could this have negativ effects?

    Thanks
    Norbert

    2010년 6월 13일 일요일 오후 7:15
  • Hello,

    as Richard already said, there is no functional dependency if small or capitals are used. Basically this is an optical change that without any advantage. I would leave them as already shown.


    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    2010년 6월 13일 일요일 오후 8:47
  • Hi Norbet,

    As stated, it's not case sensitive, however if you want to change it, for example to change a client workstation, you would have to disjoin the machine, rename it to something else other than it's current name (because if you try to rename it with the same name but different case, it will say nothing got changed and keep the same name), then restart, then rename it again to the lower case name, then restart, then rejoin.

    If a DC, well, that's a longer process because it includes the above and demotion and re-promoting, not taking into account if you have additional DCs in the domain to maintain the AD infrastructure while going through this process.

    Ace

     


    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003, Microsoft Certified Trainer, Microsoft MVP - Directory Services. This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    2010년 6월 14일 월요일 오전 5:15
  • Hello Ace

    Thankes, I tried this workaround already - without disjoin it doesn't work. I will give it a try with disjoining the domain.

    Regarding ADSI - the computername is written in capital letters. It seems this record is only in small letters in DNS. Is there a way to change it there? AD Integrated DNS?

    I know it works with small and capital letters, and actually it doesn't matter. But I know it's there ;) I would really like to understand why a Windows server can do it in different types (small / capital) even I assigned the name always the same way. And also, where this record is store...

    Thanks
    Norbert

    2010년 6월 14일 월요일 오전 5:42
  • I haven't tried, but the following attributes of the computer object in AD are relevant:

    sAMAccountName, dNSHostName, servicePrincipalName

    The last is multivalued. The sAMAccountName must have the trailing "$".

    Richard Mueller


    MVP ADSI
    2010년 6월 14일 월요일 오후 12:32
  • I haven't tried, but the following attributes of the computer object in AD are relevant:

    sAMAccountName, dNSHostName, servicePrincipalName

    The last is multivalued. The sAMAccountName must have the trailing "$".

    Richard Mueller


    MVP ADSI


    Hi Richard,

    What I think will happen is if the attributes were changed, first  I believe you would have to change it to something else, then back to the correct name with the correct case.

    However, with DNS machine registration, since DNS doesn't *care* and ignores the case the name is registered in, it will honor and keep the case as registered.

    ---

    To answer Norbert's question regarding where DNS data with AD Integrated zones are stored, they are stored in AD, in one of three possible logical locations in the physical database. Even if you were to change it using ADSI Edit, when the machine goes to register into the zone again, and the machine is in all upper case, the data will be changed back to upper case due to the above reason. DNS ignores case, but honors it at time registeration and will keep the case based on registration. Unfortunately there's no way around this.

    I've vistited customer sites where the admins asked me the same question. Looking in their zones, it's mixed up, some of the host names are all upper case, some are lower case. I told them it's based on the machine's hostname and how it was entered when it was first setup. I found out it depended on who entered them. Some of the guy enetered them in lower case, two of the guys entered them in upper case. After that they set a standard to create all future machines in lower case.

    I would suggest to try changing the attributes Richard posted. I don't think it will work, but please do post back your results.

    Ace


    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003, Microsoft Certified Trainer, Microsoft MVP - Directory Services. This posting is provided AS-IS with no warranties or guarantees and confers no rights.
    2010년 6월 14일 월요일 오후 1:54
  • As I was browsing for other people's woes with Windows DNS, I came across this blog.  I'm working a tentacled issue and thought I would share some findings.  DNS doesn't offer allegiance to case sensitivities, but Linux DOES care.  If there is a mix of upper and lower case characters in a hostname on a Linux server, this has created issues with using Windows DNS, esp. when DNS spouts out 100% lower case names (despite the fact the forward and reverse lookup entries in DNS have all upper case or both).  If using Linux and Windows DNS, try and create an all lower case host naming system.

    • 답변으로 제안됨 barnabya 2015년 11월 11일 수요일 오후 8:19
    2012년 6월 4일 월요일 오후 11:19
  • As I was browsing for other people's woes with Windows DNS, I came across this blog.  I'm working a tentacled issue and thought I would share some findings.  DNS doesn't offer allegiance to case sensitivities, but Linux DOES care.  If there is a mix of upper and lower case characters in a hostname on a Linux server, this has created issues with using Windows DNS, esp. when DNS spouts out 100% lower case names (despite the fact the forward and reverse lookup entries in DNS have all upper case or both).  If using Linux and Windows DNS, try and create an all lower case host naming system.

    Part of the problem with this solution is if the host's computer name is all uppercase, then DNS honors that and registers it as uppercase. You can change it, but the next time a non-DC member server or workstation refreshes its dynamic registration 24 hours later, it will be upper case again. For a DC, that will be every 60 minutes. So you'll have to insure all hosts are lower case, or it will be a losing battle.

    .


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & Exchange 2010, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

    This post is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    2012년 6월 6일 수요일 오후 4:41
  • Hi

    guess this is old but may help any passers by.

    Ace is correct in that DNS honors machine name if in caps however, if the machine name isnt in caps, its the procedure the machine was added to active directory. Using the netbios name for the domain rather than the FQDN will result in the uppercase creation of the DNS entry always. so in future, when adding a machine to AD, use the FQDN and it will honor the machines name if in lower case.

    2013년 4월 12일 금요일 오전 4:39
  • Hello

    I had similar but not the same issue. I use Server Manager 2012 and I dont like that in some dialogs some servers are written with just a first capital letter and others are all in capitals no matter how I called them when they were registered in domain.

    To fix that i changed dNSHostName field in Atribute Editor tab in AD Users and Computers (or AD AC).

    And now all my servers looks the same manner in all dialog windows in Server Manager.

    Maybe it would help you.

    Dmitriy Titov

    2013년 7월 7일 일요일 오후 4:27
  • Don't forget that the DNS record will not be completely deleted immediately - it gets tombstoned then reanimated if you don't ensure it is purged and replicated from all DCs. To summarize what I'm taking away from this very useful discussion:

    1. Unjoin the domain (after noting group memberships and OU location, etc.) <- do this at your own risk, as the re-joined computer with have a new GUID. If the computer object is used to apply permissions anywhere (e.g. filtered GPOs, IIS access, delegation), these would all need to be restored.

    2. Delete the AD object (removes the dNSHostName attribute used to register the DNS name in AD, and also dictates the displayed name in MMCs)

    3. Delete the DNS record for AD DNS, purge, and replicate.

    4. Change the workgroup computer name to something else, so that it will recognize the change of case when the name is changed back to the original intended name with the correct case.

    5. Re-join the domain (including adding back any missing group memberships, OU, etc.)

    This is a LOT of work just to change the case of the computername, but is important in our blended Windows/Unix DNS environment. Please note, I have not verified these steps achieve the intended outcome. And I've also noted that since I've changed our automated server build process, we now get the DNS name registered in lower-case, even though the local computername, its AD object and dNSHostName attribute are all in upper-case, as if it get transcribed somewhere along the way.


    www.computingimprovements.com

    2015년 11월 11일 수요일 오후 8:45
  • Has there been any more clarity on the DNS hostname side of this?

    I ask because at least in my setup I know that it is not an issue with how the Windows computer names were entered ahead of domain membership. All systems that should have sentence case (like "Server1") were all named as such and the AD dNSHostName attribute of the computer object reflects this. However, the actual DNS forward zone is wildly inconsistent.

    Some servers have their DNS records appear with the proper capitalization while others do not. What's even more bizarre, the DNS record may appears differently in the same DNS forward zone on one DC vs. another DC for the same domain. For example, the very same Server1 may be "server1" on our primary DNS server and be "Server1" on our secondary DNS server. All the while AD is saying it should be Server1. Another computer may appear properly on both DNS servers while another computer doesn't appear properly on either DNS server. Oh, and the DNS reverse zones are all perfect. I can't figure out the rhyme or reason for this and it's maddening not knowing where these values are coming from for the forward zones.

    2020년 1월 28일 화요일 오후 1:10