Weird issue accessing netlogon

It seems like you're encountering intermittent issues when accessing the Netlogon share, where access works either for the short domain name (\\domain\netlogon) or the fully qualified domain name (FQDN, \\domain.fqdn.gov.uk\netlogon), but not consistently. The fact that this behavior is occurring both on the internal network and over VPN suggests that there may be network or DNS-related issues.

Here are a few potential areas to investigate that may resolve this issue:

1. DNS Resolution Issues

The issue with accessing \\domain\netlogon versus \\domain.fqdn.gov.uk\netlogon likely points to DNS resolution inconsistencies. When you access resources using the short name, your client machine might be resolving it differently than when you use the FQDN.

Solution:

• Check DNS Configuration: Ensure that the DNS servers configured on the client machines (both local and via VPN) are correctly resolving the domain and the full FQDN. When using short names, DNS can sometimes resolve to an internal domain controller, but using the FQDN may involve a different DNS lookup.
• Ensure Proper DNS Records: Make sure that both the short and fully qualified domain names have appropriate DNS records in the internal DNS servers, and that they resolve correctly across both internal and VPN networks.
• DNS Suffix Search Order: Verify the DNS suffix search order on the client machines. This can be configured via Group Policy (under Computer Configuration > Administrative Templates > Network > DNS Client). If your machines are not searching the correct suffixes, it could lead to intermittent failures when trying to resolve the FQDN.

You can check DNS resolution manually using: