MDT 2010 and Multiple DNS Namespaces

I ran into an interesting problem over the last couple of week when setting up a Windows 7 deployement infrastructure.  Some simple basics for reference:  I am using a “master” server to replicate my deployment share to roughly 40 servers at different locations using DFSR.  I have set up a domain namespace (\\company.com\deploymentshare) and I have added all of the servers to the namespace.  We have DHCP set up to deliver the DNS suffix “clients.company.com” and our servers reside in the “company.com” DNS namespace.  This seemed to work fine when I tested in our lab and at a few select sites.  When a began to move the solution into other sites and test I experienced extreme lag times in WinPE and once the MDT wizard started I was unable to connect to the deployment share.  This baffled me as it still worked when running a VM on the same Hyper-V server that hosted the WDS server and DeploymentShare.  After some snooping (and using a port span to sniff the traffic since I couldn’t load NetMon in WinPE) I realized that the WinPE client could ping the DNS namespace because if was fully qualified, but it couldn’t reach the actual server and was trying to ARP for the NetBIOS name.  As you know, normal Windows client behavior is to search the parent domain suffixes of the client.  In Windows PE this is not the case.  The solution was to add a command before the MDT scripts began to add a DNS suffix search order.  In order to make this change survive deployment share updates you have to edit the templates that come with MDT.  You can find these under C:\Program Files\Microsoft\Deployment Toolkit\Templates and they will be named Unattend_PE_x64.xml and Unattend_PE_x86.xml.  Open the files and go to the section that starts with <RunSynchronous> and change it to look like the sections below.  Update your deployment share and choose a complete rebuild and your problems are solved!

<RunSynchronous>
  <RunSynchronousCommand wcm:action="add">
    <Description>Set DNS Suffix search order</Description>
    <Order>1</Order>
    <Path>wmic nicconfig call SetDNSSuffixSearchOrder (company.com, clients.company.com)</Path>
  </RunSynchronousCommand>
  <RunSynchronousCommand wcm:action="add">
    <Description>Lite Touch PE</Description>
    <Order>2</Order>
    <Path>wscript.exe X:\Deploy\Scripts\LiteTouch.wsf</Path>
  </RunSynchronousCommand>
</RunSynchronous>
Advertisements