locked
WindowsIdentity.Name and Fully Qualified Domain Names RRS feed

  • Question

  • It appears that WindowsIdentity.Name returns the domain name in NetBIOS domain name format.  It doesn't return the fully qualified domain name (FQDN).  E.g. it returns CONTOSO rather than Contoso.net.

    Is this perceived as a problem?  In particular, is it possible to get ambiugity, in organisations where the NetBIOS name is not unique, but the FQDN (naturally) would be?  If so, what is the recommended solution?

    John


    John Rusk, http://dotnet.AgileKiwi.com - .NET and Agility
    Thursday, November 13, 2008 3:47 AM

Answers

  • To clarify, I was asking about the name of the domain, not the name of any other machine. 

    I think I've found the answer tho.  Although it is possible for a large organisation to have two domains (e.g. in different forests) with the same NetBIOS name; it is not possible for those two domains to trust each other.  (Setting up trust relationships apparently requires NetBIOS names to be unique).  So the name returned by .NET can always be uniquely resolved within the set of domains that trust the machine that's running the .NET code. 

    I'm not an AD guru and I'm not sure I've described this 100% accurately.  But I'm noting it here anyway, just in case it helps someone else with the same question one day, since I couldn't find any other documentation that concisely described what I've written above.

    John
    John Rusk, http://dotnet.AgileKiwi.com - .NET and Agility
    • Marked as answer by John Rusk Thursday, November 13, 2008 8:20 PM
    Thursday, November 13, 2008 8:20 PM

All replies

  • I doubt it, the machine wouldn't work inside the LAN either.  Post to forums.technet.com to ask for details.

    Hans Passant.
    Thursday, November 13, 2008 1:10 PM
  • To clarify, I was asking about the name of the domain, not the name of any other machine. 

    I think I've found the answer tho.  Although it is possible for a large organisation to have two domains (e.g. in different forests) with the same NetBIOS name; it is not possible for those two domains to trust each other.  (Setting up trust relationships apparently requires NetBIOS names to be unique).  So the name returned by .NET can always be uniquely resolved within the set of domains that trust the machine that's running the .NET code. 

    I'm not an AD guru and I'm not sure I've described this 100% accurately.  But I'm noting it here anyway, just in case it helps someone else with the same question one day, since I couldn't find any other documentation that concisely described what I've written above.

    John
    John Rusk, http://dotnet.AgileKiwi.com - .NET and Agility
    • Marked as answer by John Rusk Thursday, November 13, 2008 8:20 PM
    Thursday, November 13, 2008 8:20 PM