is it possible to replicate a host file between computers?

[nageov3t]

ignore the whole "why" of why I need to use the host file. haha. it's a work thing and there's no great way around it because I've got to manage multiple client machines on different domains over a private network. we use the host file on our internal servers to point their private IP to our own internal names for the client servers.

the end result is that I've got 10 different internal machines that I'm trying to manage the host files on... and every time we need to connect a new client to our backend stuff, it's 10 host files to update manually (and 10 to update every time we remove a client)

is there a great way to automate this? I'd love to be able to just have to worry about maintaining one host file and have it replicate out to the other servers.

 

[RaiderJ]

Maybe just set up a script that will copy a host file from a network location to the local machine? Something like:

copy z:\hosts.txt %systemroot%\system32\drivers\etc\

Have it run as a scheduled task hourly/daily/etc.

 

[Nothinman]

Any method of automation would need local admin access to every client PC so you would either need to replicate it across all those domains or create trusts between them and at least the 1 "primary" domain.

I believe a GPO can be used to just push arbitrary files so in theory you could do that too, again depending on domain membership and access.

But in reality you should be looking for a way to handle this within DNS, managing hosts files on any number of hosts will end up causing problems eventually.

 

[VirtualLarry]

Wait until you start using Windows 8, and it's built-in AV (Windows Defender, which is a version of MSSE) starts REMOVING your HOSTS file entries automagically.

The only solution (that I am aware of) is to disable Windows Defender.

 

[Nothinman]

Wait until you start using Windows 8, and it's built-in AV (Windows Defender, which is a version of MSSE) starts REMOVING your HOSTS file entries automagically.

The only solution (that I am aware of) is to disable Windows Defender.

That's just stupid if true.

 

[Ferzerp]

That's just stupid if true.

It isn't. Tech "journalists" aren't known to be very good at fact checking (outrage first! accuracy be damned). It seems a perfectly reasonable default behavior, but you can just exclude it from being looked at by the built in AV if you want to actually use a HOSTS file.

http://support.microsoft.com/kb/2764944

 

[pcslookout]

That's just stupid if true.

It is true.

 

[Dstoop]

It isn't. Tech "journalists" aren't known to be very good at fact checking (outrage first! accuracy be damned). It seems a perfectly reasonable default behavior, but you can just exclude it from being looked at by the built in AV if you want to actually use a HOSTS file.

http://support.microsoft.com/kb/2764944

I'm gonna have to agree here. The most common uses for manually editing the HOSTS file in my experience have been related to DRM circumvention (redirect requests to the drm server to 127.0.0.1) or viruses/malware forcing redirection. The legitimate uses are so few and far between these days that for the vast majority of users resetting the file frequently is going to be a boon to their security more than a hindrance. For us tinkerers who do need it, just disable that feature in your AV. It's no more of a hassle than manually allowing a program through your firewall software.

Anyway, back on topic. If you can't arbitrarily push the file via GPO and you don't want to set up a scheduled task on every single PC to pull it from a centrally located network share, you can always configure the sync as part of the login script for each user in the domain. It relies on your users actually remembering to log out, but its better than manual editing in the event the other methods give you trouble.

 

[Nothinman]

It isn't. Tech "journalists" aren't known to be very good at fact checking (outrage first! accuracy be damned). It seems a perfectly reasonable default behavior, but you can just exclude it from being looked at by the built in AV if you want to actually use a HOSTS file.

http://support.microsoft.com/kb/2764944

That makes more sense and I agree that it's fine default behavior. The hosts file is effectively a holdover from the days before DNS and has very limited usefulness these days. I would even go so far as to say MS should disable its use by default, but I don't think their DNS client has that option.

 

[Ferzerp]

I use them once every few years when network changes necessitate a few systems needing to address something on a different IP address than everything else. It would be nice to have a robust way to do policy based responses for DNS without creating massive levels of complexity, but in the mean time, on the corner cases requiring it, hosts file it is.

 

[xSauronx]

ignore the whole "why" of why I need to use the host file. haha. it's a work thing and there's no great way around it because I've got to manage multiple client machines on different domains over a private network.

do you not have control of the domains? do you get along with people managing the domains? might it be possible to get them to create DNS entries for you? ive had to do this with a medical group a few times for some legacy servers that had to be on their network or some such...but it was a mandate that users have access so i didnt have an issue getting other admins to give me dns entries when i needed them

 

[imagoon]

You can deploy the HOSTS file via AD like any other file. You could also use a cron job to grab the same file for Linux hosts.

 

[AFurryReptile]

Do it in DNS. You'll save yourself a world of headache in the future.

If you're working with Windows servers, set up something called a "Global Names" zone. It will allow you to resolve a simple UNC names like "SERVER01" instead of requiring the entire path, like "SERVER01.domain.local"

 

[VirtualLarry]

It isn't. Tech "journalists" aren't known to be very good at fact checking (outrage first! accuracy be damned). It seems a perfectly reasonable default behavior, but you can just exclude it from being looked at by the built in AV if you want to actually use a HOSTS file.

http://support.microsoft.com/kb/2764944

For the record, Windows Defender in Windows 7 also detects HOSTS file modifications as Malware, but unlike Windows 8, it does not automagically clean the file, instead, it prompts the user for action. Whenever it comes up for me, I just click "Ignore".