Todd Klindt's Office 365 Admin Blog
May 30
Creating a Wildcard DNS Record for Fun and Profit

When working with Host Named Site Collections (HNSC) you have to keep on top of the DNS records. SharePoint can only do so much, after all. Since your HNSCs all have different host names (that is the point, after all), they each need to be resolvable in DNS. If you’re only going to have a handful of HNSCs it’s easy to just drop into your DNS server and create them. It gets a little trickier when you add HNSCs down the road. You tend to forget to create the DNS entries. It becomes a lot trickier if you create a lot of HNSCs and if the SharePoint team doesn’t control DNS. Then it turns into constant tickets, the network team taking their sweet time, much swearing, and users having to wait for their beloved SharePoint site to come online. What if there was a way to prevent all that needless pain and suffering? I have the solution: wildcard DNS records (you probably guessed that from the title of the blog post).

We’re all familiar with the common types of DNS records, like A records and CNAME records. In most cases these records resolve a single address. For instance, the A record for points to the IP address of my web server. However, it is possible to create a wildcard A record. This record provides a default value for DNS records that aren’t defined. In the context of HNSCs you would create a wildcard DNS A record that points to your SharePoint farm. Then when you create an HNSC with the URL it will resolve to the SharePoint farm and work without having to bother those lazy gits on the network team.

To create a wildcard DNS record, create a record for *. Here’s how it looks in the DNS Manager in Windows 2012 R2:


Here’s how it looks in glorious PowerShell:


Add-DnsServerResourceRecordA -ZoneName "<zone name>" -Name "*" -IPv4Address "<IP address of the SharePoint farm>"

Here’s what it looks like when it’s created correctly:


Again, this doesn’t resolve every host in the DNS zone to, only the hosts that don’t already have an A or CNAME record.
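
The matching rule above can be modelled offline. The following is an added example, not code from the original post: it applies standard wildcard semantics (RFC 4592) to a constructed zone, and goes slightly beyond the post by also covering multi-label names and names that exist without an A or CNAME record. `Resolve-ZoneName`, the zone `sp.example.com`, the host names and the addresses are all assumptions made for illustration.

```powershell
# Added example: models standard wildcard matching (RFC 4592) for names below the zone apex.
# Zone, host names and addresses are constructed (example.com / 192.0.2.0/24).
$Zone = 'sp.example.com'
$Records = @(
    [pscustomobject]@{ HostName = '*';        RecordType = 'A';     Data = '192.0.2.10' }  # wildcard -> farm
    [pscustomobject]@{ HostName = 'intranet'; RecordType = 'A';     Data = '192.0.2.20' }  # explicit host
    [pscustomobject]@{ HostName = 'mail';     RecordType = 'CNAME'; Data = 'mail.example.net' }
    [pscustomobject]@{ HostName = 'db.lab';   RecordType = 'A';     Data = '192.0.2.30' }  # makes "lab" exist
)

function Resolve-ZoneName {
    param([string]$Fqdn, [string]$Zone, [object[]]$Records)
    $result = [ordered]@{ Name = $Fqdn; Source = 'NXDOMAIN'; Data = $null }
    $name   = $Fqdn.TrimEnd('.').ToLowerInvariant()
    $suffix = '.' + $Zone.ToLowerInvariant()
    if (-not $name.EndsWith($suffix)) { $result.Source = 'OutOfZone'; return [pscustomobject]$result }
    $rel = $name.Substring(0, $name.Length - $suffix.Length)

    # A node "exists" if it owns a record or is an ancestor of a name that does.
    $nodeExists = {
        param($n)
        [bool]($Records | Where-Object { $_.HostName -eq $n -or $_.HostName.EndsWith(".$n", [StringComparison]::OrdinalIgnoreCase) })
    }

    # 1. Records at the exact name always win; the wildcard is not consulted.
    $own = @($Records | Where-Object { $_.HostName -eq $rel -and $_.RecordType -in 'A', 'CNAME' })
    if ($own.Count -gt 0) {
        $result.Source = 'Explicit'; $result.Data = $own[0].Data
        return [pscustomobject]$result
    }
    # The name exists but has no address record: empty answer, still no wildcard.
    if (& $nodeExists $rel) { $result.Source = 'NoData'; return [pscustomobject]$result }

    # 2. Find the closest existing ancestor; only a wildcard directly below it can answer.
    $labels = $rel -split '\.'
    $wild   = '*'
    for ($i = 1; $i -lt $labels.Count; $i++) {
        $ancestor = $labels[$i..($labels.Count - 1)] -join '.'
        if (& $nodeExists $ancestor) { $wild = "*.$ancestor"; break }
    }
    $hit = @($Records | Where-Object { $_.HostName -eq $wild -and $_.RecordType -in 'A', 'CNAME' })
    if ($hit.Count -gt 0) { $result.Source = "Wildcard ($wild)"; $result.Data = $hit[0].Data }
    return [pscustomobject]$result
}

'intranet', 'mail', 'hr', 'typo.hr', 'lab', 'web.lab' |
    ForEach-Object { Resolve-ZoneName -Fqdn "$_.$Zone" -Zone $Zone -Records $Records } |
    Format-Table -AutoSize
```

Names reported as `Wildcard` resolve to the farm whether or not a site collection exists for them, mistyped names included. To check a real zone, build the record list from `Get-DnsServerResourceRecord`, whose `HostName` and `RecordType` properties are mirrored here (the flat `Data` property is a simplification).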

While there are other uses for wildcard DNS records, they are quite handy for HNSCs in SharePoint.




Kerberos and CNames

Doesn't Kerberos have issues with CName records? Might want to use this only when using NTLM Windows authentication
 on 5/31/2015 9:49 AM

AD Integrated DNS

IIRC AD Integrated DNS zones won't resolve wildcard DNS entries.

To use wildcard DNS entries in an AD centric DNS system, you need to create the zone (domain or subdomain) as NOT AD Integrated.  Then once the zone has been created, you can integrate it with AD and wildcard entries will still resolve.

My Google/Bing too is failing me to find a definitive reference for this and it may well have been fixed on more recent versions of AD.

I'm sure many SP2013 Devs have already hit this issue, but with SP App domains...
 on 6/10/2015 4:06 AM
