RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Got it! Thank you everyone for your help. I'll try the batch file/script solution first. We just finished our migration to AD and we have tons of projects going on. I want to leave DNS alone for now until there's time to really sit down and plan something out. The HOSTS file entry adding would be a temporary but effective fix for us. -Original Message- From: Rittenhouse, Cindy [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Jeff, If you are sure you don't want to go the DNS route (which would be my first choice), we have done this by creating the host file, placing it in the sysvol\domain\scripts folder, creating a .bat file in the scripts folder to "copy \\dcxx\sysvol\yourdomain\scripts\hosts c:\winnt\system32\drivers\etc", and calling the .bat file from the users logon script. It's not very glamorous. but it worked. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:44 To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message We run something like 8-10 split zones, so missing something isn't uncommon... -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Rich Milburn [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 2:23 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Nice save, I’ve been caught out by that… went to an internal DNS name, split DNS, and missed adding an alias that was in use in some Intranet apps and it broke the whole Intranet site… once you go to split DNS the server doesn’t forward to the external DNS for mycompany.org resolution anymore, so if it isn’t in your internal zone, it no longer exists to your internal devices. From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:08 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Actually. let me amend that. You need to add the appropriate records into the internal copy of the zone to allow for any internal access. In other words, you probably also need to account for MX records for mail delivery, as well as any other published resources that are used from inside the company. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Roger Seielstad Sent: Tuesday, December 30, 2003 1:01 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file You really need to set up split DNS for mycompany.org Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's. You don't want to go down the hosts file road - that makes troubleshooting impossible down the line. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message-From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrongplace! Can anyone assist me in creating a policy to add an entry to theHOSTS file on our domain computers? Thank you for any help...List info : http://www.activedir.org/mail_list.htm
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Jeff, If you are sure you don't want to go the DNS route (which would be my first choice), we have done this by creating the host file, placing it in the sysvol\domain\scripts folder, creating a .bat file in the scripts folder to "copy \\dcxx\sysvol\yourdomain\scripts\hosts c:\winnt\system32\drivers\etc", and calling the .bat file from the users logon script. It's not very glamorous. but it worked. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 11:44 To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message Nice save, I’ve been caught out by that… went to an internal DNS name, split DNS, and missed adding an alias that was in use in some Intranet apps and it broke the whole Intranet site… once you go to split DNS the server doesn’t forward to the external DNS for mycompany.org resolution anymore, so if it isn’t in your internal zone, it no longer exists to your internal devices. From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:08 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Actually. let me amend that. You need to add the appropriate records into the internal copy of the zone to allow for any internal access. In other words, you probably also need to account for MX records for mail delivery, as well as any other published resources that are used from inside the company. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Roger Seielstad Sent: Tuesday, December 30, 2003 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file You really need to set up split DNS for mycompany.org Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's. You don't want to go down the hosts file road - that makes troubleshooting impossible down the line. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message- From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I www.akomolafe.com www.iyaburo.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, Jeff Sent: Tue 12/30/2003 8:43 AM To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrongplace! Can anyone assist me in creating a policy to add an entry to theHOSTS file on our domain computers? Thank you for any help...List info : http://www.activedir.org/mail_list.htmList FAQ : http://www.activedir.org/list_faq.htmList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to o
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message Actually. let me amend that. You need to add the appropriate records into the internal copy of the zone to allow for any internal access. In other words, you probably also need to account for MX records for mail delivery, as well as any other published resources that are used from inside the company. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Roger Seielstad Sent: Tuesday, December 30, 2003 1:01 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file You really need to set up split DNS for mycompany.org Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's. You don't want to go down the hosts file road - that makes troubleshooting impossible down the line. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message-From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message You really need to set up split DNS for mycompany.org Just add a zone (AD integrated is fine) for mycompany.org on your internal DNS servers, and add A records for www and intranet pointing to the appropriate IP's. You don't want to go down the hosts file road - that makes troubleshooting impossible down the line. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 12:17 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message-From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
There isn't a way to do that per se, but I don't think that's a bad thing. What's the reason for adding a hosts file entry rather than fixing DNS? -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -Original Message- > From: Dolphin, Jeff [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 30, 2003 11:44 AM > To: 'ActiveDir ([EMAIL PROTECTED]) > Subject: [ActiveDir] Policy to distribute domain wide HOSTS file > > > Either I've been hit with the stupid stick or I'm looking in the wrong > place! Can anyone assist me in creating a policy to add an > entry to the > HOSTS file on our domain computers? Thank you for any help... > List info : http://www.activedir.org/mail_list.htm > List FAQ: http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Title: Message Sure...We have a in-house domain (inside.local) and we also own a registered domain (mycompany.org) . People needing the company website go to www.mycompany.org . This is hosted by our ISP. Recently we developed and began hosting a company intranet in-house (using 1 to 1 NAT back to a apple g4). Employees on the internet can access the in-house intranet using "intranet.mycompany.org". Users on the LAN can access the intranet using "intranet.inside.local". The webmaster is complaining that he has to make two sets of links and lists etc...one for users in-house and one for users on the outside. He would like it if in-house employees could be able to access the intranet at "intranet.mycompany.org". I did some reading on split DNS etc...but I dont think that is feasible at this time. Adding a line in the HOSTS file for "intranet.mycompnay.org" does the trick. But going around to every workstation is out of the question for now. -Original Message-From: deji Agba [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 9:05 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Policy to distribute domain wide HOSTS file What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
What would be the purpose? Maybe letting us in on your line of thoughts would make it easier for someone to help you with this or recommend an alternative. Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+Iwww.akomolafe.comwww.iyaburo.comDo you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dolphin, JeffSent: Tue 12/30/2003 8:43 AMTo: 'ActiveDir ([EMAIL PROTECTED])Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Policy to distribute domain wide HOSTS file
Only thing I could think of would be to have a startup script that added the entry. Unless you have a single corporate hosts file you would need to come up with some tool that would properly insert the entry you want and clear any old entry by the same name. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dolphin, Jeff Sent: Tuesday, December 30, 2003 11:44 AM To: 'ActiveDir ([EMAIL PROTECTED]) Subject: [ActiveDir] Policy to distribute domain wide HOSTS file Either I've been hit with the stupid stick or I'm looking in the wrong place! Can anyone assist me in creating a policy to add an entry to the HOSTS file on our domain computers? Thank you for any help... List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/