RE: [ActiveDir] Policy to distribute domain wide HOSTS file

[Rich Milburn]

Title: Message

Nice save, I’ve been caught out by that… went to an internal DNS name, split DNS, and missed adding an alias that was in use in some Intranet apps and it broke the whole Intranet site… once you go to split DNS the server doesn’t forward to the external DNS for mycompany.org resolution anymore, so if it isn’t in your internal zone, it no longer exists to your internal devices.   From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:08 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file   Actually. let me amend that. You need to add the appropriate records into the internal copy of the zone to allow for any internal access. In other words, you probably also need to account for MX records for mail delivery, as well as any other published resources that are used from inside the company.     -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Roger Seielstad Sent: Tuesday, December 30, 2003 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file You really need to set up split DNS for mycompany.org   Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's.   You don't want to go down the hosts file road - that makes troubleshooting impossible down the line.   Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) .  People needing the company website go to www.mycompany.org .  This is hosted by our ISP.  Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4).  Employees on the internet can access the in-house intranet using "intranet.mycompany.org".  Users on the LAN can access the intranet using "intranet.inside.local".  The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside.  He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org".  I did some reading on split DNS etc...but I dont think that is feasible at this time.  Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick.  But going around to every workstation is out of the question for now. -----Original Message----- From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative.     Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday?  -anon   From: Dolphin, Jeff Sent: Tue 12/30/2003 8:43 AM To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place!  Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers?  Thank you for any help... List info   : http://www.activedir.org/mail_list.htm List FAQ    : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -------APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE------- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.