RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Got it! Thank you everyone for your help. I'll try the batch file/script solution first. We just finished our migration to AD and we have tons of projects going on. I want to leave DNS alone for now until there's time to really sit down and plan something out. The HOSTS file entry adding would be a temporary but effective fix for us. -Original Message- From: Rittenhouse, Cindy [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Jeff, If you are sure you don't want to go the DNS route (which would be my first choice), we have done this by creating the host file, placing it in the sysvol\domain\scripts folder, creating a .bat file in the scripts folder to "copy \\dcxx\sysvol\yourdomain\scripts\hosts c:\winnt\system32\drivers\etc", and calling the .bat file from the users logon script. It's not very glamorous. but it worked. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:44 To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message
We
run something like 8-10 split zones, so missing something isn't
uncommon...
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Rich Milburn
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30,
2003 2:23 PMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Policy to distribute domain wide HOSTS file
Nice save, I’ve been
caught out by that… went to an internal DNS name, split DNS, and missed adding
an alias that was in use in some Intranet apps and it broke the whole Intranet
site… once you go to split DNS the server doesn’t forward to the external DNS
for mycompany.org resolution anymore, so if it isn’t in your internal zone, it
no longer exists to your internal devices.
From: Roger
Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:08
PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to
distribute domain wide HOSTS file
Actually. let me
amend that. You need to add the appropriate records into the internal copy of
the zone to allow for any internal access. In other words, you probably also
need to account for MX records for mail delivery, as well as any other
published resources that are used from inside the
company.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems
Administrator Inovis
Inc.
-Original
Message-From: Roger
Seielstad Sent: Tuesday,
December 30, 2003 1:01 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to
distribute domain wide HOSTS file
You really need to
set up split DNS for mycompany.org
Just add a zone
(AD integrated is fine) for mycompany.org on your internal DNS servers, and
add A records for www and intranet pointing to the appropriate
IP's.
You don't want to
go down the hosts file road - that makes troubleshooting impossible down the
line.
Roger
--
Roger D. Seielstad
- MTS MCSE MS-MVP Sr.
Systems Administrator Inovis
Inc.
-Original
Message-From:
Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003
12:17 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Policy to
distribute domain wide HOSTS file
Sure...We
have a in-house domain (inside.local) and we also own a
registered domain (mycompany.org) . People needing the
company website go to www.mycompany.org . This is
hosted by our ISP. Recently we developed and began hosting a
company intranet in-house (using 1 to 1 NAT back to a apple g4).
Employees on the internet can access the in-house intranet using
"intranet.mycompany.org". Users on the LAN can access the intranet
using "intranet.inside.local". The webmaster is complaining that he
has to make two sets of links and lists etc...one for users in-house and
one for users on the outside. He would like it if in-house employees
could be able to access the intranet at "intranet.mycompany.org". I
did some reading on split DNS etc...but I dont think that is feasible at
this time. Adding a line in the HOSTS file for
"intranet.mycompnay.org" does the trick. But going around to every
workstation is out of the question for now.
-Original
Message-From: deji
Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003
9:05 AMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to
distribute domain wide HOSTS file
What would be
the purpose? Maybe letting us in on your line of thoughts would make it
easier for someone to help you with this or recommend an
alternative.
Sincerely,Dèjì Akómöláfé,
MCSE MCSA
MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that
Today is the Tomorrow you were worried about Yesterday?
-anon
From:
Dolphin, JeffSent: Tue
12/30/2003 8:43 AMTo:
'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to
distribute domain wide HOSTS file
Either I've been hit with the stupid stick or I'm looking in the wrongplace! Can anyone assist me in creating a policy to add an entry to theHOSTS file on our domain computers? Thank you for any help...List info : http://www.activedir.org/mail_list.htm
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Jeff, If you are sure you don't want to go the DNS route (which would be my first choice), we have done this by creating the host file, placing it in the sysvol\domain\scripts folder, creating a .bat file in the scripts folder to "copy \\dcxx\sysvol\yourdomain\scripts\hosts c:\winnt\system32\drivers\etc", and calling the .bat file from the users logon script. It's not very glamorous. but it worked. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:44 To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message Nice save, I’ve been caught out by that… went to an internal DNS name, split DNS, and missed adding an alias that was in use in some Intranet apps and it broke the whole Intranet site… once you go to split DNS the server doesn’t forward to the external DNS for mycompany.org resolution anymore, so if it isn’t in your internal zone, it no longer exists to your internal devices. From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:08 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Actually. let me amend that. You need to add the appropriate records into the internal copy of the zone to allow for any internal access. In other words, you probably also need to account for MX records for mail delivery, as well as any other published resources that are used from inside the company. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Roger Seielstad Sent: Tuesday, December 30, 2003 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file You really need to set up split DNS for mycompany.org Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's. You don't want to go down the hosts file road - that makes troubleshooting impossible down the line. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message- From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, Jeff Sent: Tue 12/30/2003 8:43 AM To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrongplace! Can anyone assist me in creating a policy to add an entry to theHOSTS file on our domain computers? Thank you for any help...List info : http://www.activedir.org/mail_list.htmList FAQ : http://www.activedir.org/list_faq.htmList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to o
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message
Actually. let me amend that. You need to add the appropriate records into
the internal copy of the zone to allow for any internal access. In other words,
you probably also need to account for MX records for mail delivery, as well as
any other published resources that are used from inside the
company.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Roger Seielstad
Sent: Tuesday, December 30, 2003 1:01 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to
distribute domain wide HOSTS file
You
really need to set up split DNS for mycompany.org
Just add a zone (AD integrated is fine) for mycompany.org on your
internal DNS servers, and add A records for www and intranet pointing to
the appropriate IP's.
You
don't want to go down the hosts file road - that makes troubleshooting
impossible down the line.
Roger
--
Roger D. Seielstad
- MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Dolphin, Jeff
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17
PMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] Policy to distribute domain wide HOSTS file
Sure...We have a in-house domain (inside.local) and we
also own a registered domain (mycompany.org) . People
needing the company website go to www.mycompany.org . This is hosted
by our ISP. Recently we developed and began hosting a company
intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on
the internet can access the in-house intranet using
"intranet.mycompany.org". Users on the LAN can access the intranet
using "intranet.inside.local". The webmaster is complaining that he
has to make two sets of links and lists etc...one for users in-house and one
for users on the outside. He would like it if in-house employees could
be able to access the intranet at "intranet.mycompany.org". I did some
reading on split DNS etc...but I dont think that is feasible at this
time. Adding a line in the HOSTS file for "intranet.mycompnay.org"
does the trick. But going around to every workstation is out of the
question for now.
-Original Message-From: deji Agba
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05
AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Policy to distribute domain wide HOSTS
file
What would be the
purpose? Maybe letting us in on your line of thoughts would make it easier
for someone to help you with this or recommend an
alternative.
Sincerely,Dèjì
Akómöláfé, MCSE MCSA
MCP+Iwww.akomolafe.comwww.iyaburo.comDo
you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: Dolphin, JeffSent: Tue
12/30/2003 8:43 AMTo: 'ActiveDir
([EMAIL PROTECTED])Subject: [ActiveDir] Policy to
distribute domain wide HOSTS file
Either I've been hit with the stupid stick or I'm looking in the wrong
place! Can anyone assist me in creating a policy to add an entry to the
HOSTS file on our domain computers? Thank you for any help...
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message
You
really need to set up split DNS for mycompany.org
Just
add a zone (AD integrated is fine) for mycompany.org on your internal DNS
servers, and add A records for www and intranet pointing to the appropriate
IP's.
You
don't want to go down the hosts file road - that makes troubleshooting
impossible down the line.
Roger
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Dolphin, Jeff
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17
PMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] Policy to distribute domain wide HOSTS file
Sure...We have a in-house domain (inside.local) and we
also own a registered domain (mycompany.org) . People needing
the company website go to www.mycompany.org . This is hosted
by our ISP. Recently we developed and began hosting a company
intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on
the internet can access the in-house intranet using
"intranet.mycompany.org". Users on the LAN can access the intranet using
"intranet.inside.local". The webmaster is complaining that he has to
make two sets of links and lists etc...one for users in-house and one for
users on the outside. He would like it if in-house employees could be
able to access the intranet at "intranet.mycompany.org". I did some
reading on split DNS etc...but I dont think that is feasible at this
time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does
the trick. But going around to every workstation is out of the question
for now.
-Original Message-From: deji Agba
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05
AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Policy to distribute domain wide HOSTS file
What would be the
purpose? Maybe letting us in on your line of thoughts would make it easier
for someone to help you with this or recommend an alternative.
Sincerely,Dèjì
Akómöláfé, MCSE MCSA
MCP+Iwww.akomolafe.comwww.iyaburo.comDo you
now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: Dolphin, JeffSent: Tue
12/30/2003 8:43 AMTo: 'ActiveDir
([EMAIL PROTECTED])Subject: [ActiveDir] Policy to
distribute domain wide HOSTS file
Either I've been hit with the stupid stick or I'm looking in the wrong
place! Can anyone assist me in creating a policy to add an entry to the
HOSTS file on our domain computers? Thank you for any help...
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
There isn't a way to do that per se, but I don't think that's a bad thing. What's the reason for adding a hosts file entry rather than fixing DNS? -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -Original Message- > From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 30, 2003 11:44 AM > To: 'ActiveDir ([EMAIL PROTECTED]) > Subject: [ActiveDir] Policy to distribute domain wide HOSTS file > > > Either I've been hit with the stupid stick or I'm looking in the wrong > place! Can anyone assist me in creating a policy to add an > entry to the > HOSTS file on our domain computers? Thank you for any help... > List info : http://www.activedir.org/mail_list.htm > List FAQ: http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message-From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Only thing I could think of would be to have a startup script that added the entry. Unless you have a single corporate hosts file you would need to come up with some tool that would properly insert the entry you want and clear any old entry by the same name. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dolphin, Jeff Sent: Tuesday, December 30, 2003 11:44 AM To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
