Is it possible to tell Android which domain it belongs to?
In Windows, Linux, macOS etc. you can tell the OS which domain is its default (i.e. no suffix required). E.g. you tell the OS that the device belongs to the domain “mycompany.local”, so, if the device is called Android01, its FQDN is android01.mycompany.local. This means, when it calls up other computers in the same domain, it can drop the mycompany.local part of the domain name.
E.g. instead of “mailserver.mycompany.local”, you can just use “mailserver” as the name. The same for intranet.mycompany.local, you can access it simply as intranet.
Can you do the same on Android? We have a case, where we have multiple Android scanners, which need to access a server over https. The certificate has been added to the devices, but is “myserver”, not “myserver.mycompany.local” and the devices complain, because they have to use the full domain name and the certificate doesn’t match.
We could re-issue the certificate with the FQDN, but it would be simpler to just update the default domain on the Android devices, as opposed to the server, the PCs, the terminal servers and the Android devices with the new certificate…
Unsure if this will actually help you do what you want, but it might.
Close, but no cigar. But a big thanks for replying so quickly.
The DNS is already in place. It did make me think of something else.
It might be Private DNS (DoH) bypassing the local DNS server and trying to use Google’s 18.104.22.168, which obviously won’t work. I’ve asked the users to check that first. The problem is, they are on East Coast time, so I’ll have to wait about 5 hours for them to come in…
The problem with DNS and suffixes and zones etc. bring up generic responses that have nothing to do with Android, even if you give Android as a keyword.
DNS search suffixes are assigned by DHCP, are these on a private WiFi or mobile data?
Just tested on my device (Android 12) and it resolved the local non-FQDN correctly.
However I don’t know where to verify that my device is actually getting the domain suffix that my DHCP server is handing out.
edit - I should note I have the DNS privacy features disabled on my device.
The devices are on a private Wi-Fi with a VPN into the company network - don’t ask!
But, that has given me another idea, maybe the VPN on the device isn’t set up properly and sends non-local-domain-FQDN traffic outside the VPN to the Internet… I’ll get them to check that today.
Sounds like DHCP option 15 needs set on the VPN server.
Option 15 is set and has the correct domain in it.
Strange. I’ve since realised that I’m using android and can access services on my local network without a fully qualified domain name.
I also run a VPN server at home and I’ve just found that I couldn’t use just the host name. I updated the config to send a default domain name and it works ok now.
So it seems that android is capable of doing what you need, but there must be something specific to your environment that’s stopping it.
Is this a possible use for mDNS? I have a few devices on my local network (some ESP8266 boards) that use it and it’s hit or miss which devices and find them. It even varies between browsers on Android. Chrome seems to support it while Firefox doesn’t.
mDNS only works within the same subnet so unless it’s very simple network with all servers and VPN users on the same subnet then i don’t think it would help.
Given the fact that they’ve got a guest WiFi and a VPN solution set up then I’d assume the network has some kind of structure to it.
DNS is over the domain controller. But the VPN seems to be ignoring the Option 15 setting. I’ve asked the user on site to enter it manually into the VPN settings.