Won’t happen since both are the same DNS name
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edwin
Sent: Tuesday, December 14, 2004 1:01 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Domain Name and DNS Problems
That is why I mentioned the Perl script that is used. That is exactly what it does. But this is not what I would like to see. I would like for our internal AD DNS to only host records for our internal systems and forward any other unresolved requests.
On Tue, 2004-12-14 at 09:29 -0500, Salandra, Justin A. wrote:
Why don’t you just duplicate the records in the public DNS zone to the private zone? That is what I do since both my internal and external namespaces are the same.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edwin
Sent: Tuesday, December 14, 2004 9:04 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Domain Name and DNS Problems
Hello Everyone. I have an ongoing problem and would like to get some assistance please.
The domain that I am currently responsible for is the first domain that I have ever configured. As a result there was a lot of trial and error and most things were resolved but there remains this one problem that still lingers. I will try to explain as best as I can the scenario.
I work for a company (mycompany.net) and we host many web servers out on the public Internet. Our servers follow a naming scheme that is dependent on the type of OS or special purpose for that server, i.e. w39322.mycompany.net for Windows Web Servers and l23841.mycompany.net for Linux servers. There are other naming conventions that are not important for this topic.
Throughout the everyday work environment we are constantly accessing these servers for troubleshooting, investigations or other general use. The web servers are authoritative to public name servers ns1.mycompany.net and ns2.mycompany.net.
When the domain was put online within our internal network, I used mycompany.net as the domain name. I also have DNS services for the domain on one of the DCs. Since I have named our internal domain the same as our public domain, we ran into problems where we were no longer able to connect to our web servers on the Internet. As a workaround solution we wrote a Perl script that goes out to our public name servers and reads the mycompany.net zone and grabs any information that it does not have. The data is then written to a text file that then runs DNSCMD to import the data into the DC's DNS zone for mycompany.net.
This is okay but still problematic and ultimately not the solution that I would like to have.
Our domain consists of:
1. 2 Win2K3 Standard DC's
2. 1 Win2K3 Standard File Server
3. 1 Win2K Exchange Server with Exchange 2000
4. Win2K Professional Workstations
From what I understand Win2K3 has a new feature that will allow for you to change the domain name of an already configured network. But this will not apply to me since I have Win2K Pro Clients and an Exchange 2K Server.
We do have an internal name server but it is a caching name server for the authoritative public name server. It is my understanding that AD requires for the nameserver to be authoritative for the domain and support SRV records. SRV records are not a problem but the authoritative part is since our public name server holds that role and it is not able to be changed. Also, to make the server authoritative would mean that our internal systems could be known by the public Internet.
Can anyone offer any suggestions to overcome this problem? Ultimately, what I would like to have done is for the mycompany.net zone on the AD DNS Server only to contain entries for our internal network. Any requests not resolved by the AD DNS server then get forwarded to the public name server. This would allow me to then clean up the zone for the AD DNS server and still have the functionality that we require.
Is this possible?
Thank you all for your replies.
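
The workaround described in the original message above (copy records that exist only in the public mycompany.net zone into the DC's zone with DNSCMD), sketched in Python as an added example; it is not the poster's Perl script. Assumptions: the server name `dc1`, the simplified `name type data` input format, and the constructed records with documentation-range addresses. It skips SOA/NS records and never touches a name the internal zone already defines, so internal data wins.

```python
# Added example. Constructed sample data; "dc1" is a hypothetical DC name.
PUBLIC_ZONE = """\
w39322 A 203.0.113.10
l23841 A 203.0.113.20
www CNAME w39322.mycompany.net.
@ NS ns1.mycompany.net.
ns1 A 203.0.113.53
fileserver A 203.0.113.99
"""
INTERNAL_ZONE = """\
dc1 A 10.0.0.10
fileserver A 10.0.0.20
@ NS dc1.mycompany.net.
"""
SKIP_TYPES = {"SOA", "NS"}  # the DC stays authoritative for its own copy


def parse(text):
    """Parse 'name type data' lines into {(name, type): {data, ...}}."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file style comments
        if not line:
            continue
        name, rtype, data = line.split(None, 2)
        records.setdefault((name.lower(), rtype.upper()), set()).add(data)
    return records


def plan_import(public_text, internal_text, server="dc1", zone="mycompany.net"):
    """Return (dnscmd lines for public-only names, names skipped as conflicts)."""
    public, internal = parse(public_text), parse(internal_text)
    internal_names = {name for name, _ in internal}
    commands, conflicts = [], []
    for (name, rtype), values in sorted(public.items()):
        if rtype in SKIP_TYPES:
            continue
        if name in internal_names:
            # Name already defined internally: never overwrite, just report
            # when the public answer differs so someone can review it.
            if internal.get((name, rtype)) != values:
                conflicts.append(name)
            continue
        for data in sorted(values):
            commands.append(
                f"dnscmd {server} /RecordAdd {zone} {name} {rtype} {data}")
    return commands, conflicts


if __name__ == "__main__":
    cmds, skipped = plan_import(PUBLIC_ZONE, INTERNAL_ZONE)
    print("\n".join(cmds))
    print("review manually:", skipped)
```

Reviewing the conflict list matters here because a name present in both zones with different data is exactly where internal and external clients get different answers.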