Internal win2000 server and ISP using the same domain

Archived from groups: microsoft.public.win2000.dns (More info?)

Hi!

Firstly, sorry about my poor english

I have just one win2000 server with a DNS server and domain name XXX.com.br. This server dont communicate with Internet (we have just one machine to communicate with Internet, a proxy server with 2
lan cards using Winproxy) and our DNS server is configurated just to resolve names for win2000/XP workstations logon (i deleted the root zone) and have forwards to the ISP server. Our mail server is
in the ISP with name pop.YYY.com.br and smtp.YYY.com.br. Now, the ISP want to change the domain name and use the same domain name that we use in the internal win2000 server pop.XXX.com.br and
smtp.XXX.com.br. The problem is that our win2000 server cant resolve the name because is the same domain name and our server is authoritative. My server is not in mixed mode, so to rename my domain is
so complicated and dangerous. What can i do to resolve this problem? Add a root hint to point to the ISP server resolve my problem?

Thanks in advance,

Marc Cubría - Rio de Janeiro, Brazil
7 answers Last reply
More about internal win2000 server domain
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    "Now, the ISP want to change the domain name and use the same domain name that we use in the internal win2000 server pop.XXX.com.br and
    smtp.XXX.com.br."

    Why does your ISP want to change the domain name? It is important to use a separate domain name on your internal network. Using the same domain name on your internal network as you have published externally is poor security practice and should be avoided, not to mention it will cause administrative difficulties.

    "The problem is that our win2000 server cant resolve the name because is the same domain name and our server is authoritative."

    I'm not quite sure what your having trouble resolving but you should be able to enter the appropriate records in you internal DNS to resolve the required items. That said; you should definitely avoid the use of the same domain names internally and externally. This is going to cause you more problems.

    Ian Bagnald
    MCSE:Security Windows 2000
    MCSA:Security Windows 2000
    COMPTIA A+


    "Marc Cubria" wrote:

    > Hi!
    >
    > Firstly, sorry about my poor english
    >
    > I have just one win2000 server with a DNS server and domain name XXX.com.br. This server dont communicate with Internet (we have just one machine to communicate with Internet, a proxy server with 2
    > lan cards using Winproxy) and our DNS server is configurated just to resolve names for win2000/XP workstations logon (i deleted the root zone) and have forwards to the ISP server. Our mail server is
    > in the ISP with name pop.YYY.com.br and smtp.YYY.com.br. Now, the ISP want to change the domain name and use the same domain name that we use in the internal win2000 server pop.XXX.com.br and
    > smtp.XXX.com.br. The problem is that our win2000 server cant resolve the name because is the same domain name and our server is authoritative. My server is not in mixed mode, so to rename my domain is
    > so complicated and dangerous. What can i do to resolve this problem? Add a root hint to point to the ISP server resolve my problem?
    >
    > Thanks in advance,
    >
    > Marc Cubría - Rio de Janeiro, Brazil
    >
    >
    >
    >
    >
    >
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    "Now, the ISP want to change the domain name and use the same domain name that we use in the internal win2000 server pop.XXX.com.br and
    smtp.XXX.com.br."

    Why does your ISP want to change the domain name? If possible it is best to use a seperate domain name on your internal network. Using the same domain name on your internal network as you have published externally is poor security practice and should be avoided.

    "The problem is that our win2000 server cant resolve the name because is the same domain name and our server is authoritative."

    I'm not quite sure what your having trouble resolving but you should be able to enter the appropriate records in you internal DNS to resolve the required items. That said, you should avoid the use of the same domain names internally and externally.

    "Marc Cubria" wrote:

    > Hi!
    >
    > Firstly, sorry about my poor english
    >
    > I have just one win2000 server with a DNS server and domain name XXX.com.br. This server dont communicate with Internet (we have just one machine to communicate with Internet, a proxy server with 2
    > lan cards using Winproxy) and our DNS server is configurated just to resolve names for win2000/XP workstations logon (i deleted the root zone) and have forwards to the ISP server. Our mail server is
    > in the ISP with name pop.YYY.com.br and smtp.YYY.com.br. Now, the ISP want to change the domain name and use the same domain name that we use in the internal win2000 server pop.XXX.com.br and
    > smtp.XXX.com.br. The problem is that our win2000 server cant resolve the name because is the same domain name and our server is authoritative. My server is not in mixed mode, so to rename my domain is
    > so complicated and dangerous. What can i do to resolve this problem? Add a root hint to point to the ISP server resolve my problem?
    >
    > Thanks in advance,
    >
    > Marc Cubría - Rio de Janeiro, Brazil
    >
    >
    >
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:ufcte0da61c1piqnilsd3gt26qch8jhqfn@4ax.com,
    Marc Cubria <altzb@hotmail.com> asked for help and I offered my suggestions
    below:
    > Hi!
    >
    > Firstly, sorry about my poor english
    >
    > I have just one win2000 server with a DNS server and domain name
    > XXX.com.br. This server dont communicate with Internet (we have just
    > one machine to communicate with Internet, a proxy server with 2 lan
    > cards using Winproxy) and our DNS server is configurated just to
    > resolve names for win2000/XP workstations logon (i deleted the root
    > zone) and have forwards to the ISP server. Our mail server is in the
    > ISP with name pop.YYY.com.br and smtp.YYY.com.br. Now, the ISP want
    > to change the domain name and use the same domain name that we use in
    > the internal win2000 server pop.XXX.com.br and smtp.XXX.com.br. The
    > problem is that our win2000 server cant resolve the name because is
    > the same domain name and our server is authoritative. My server is
    > not in mixed mode, so to rename my domain is so complicated and
    > dangerous. What can i do to resolve this problem? Add a root hint to
    > point to the ISP server resolve my problem?
    >
    > Thanks in advance,
    >
    > Marc Cubría - Rio de Janeiro, Brazil

    Easy fix - create the necessary A records (smtp, pop, ftp. etc etc) giving
    them the actual external IP addresses.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    Dear

    Dear Ace Fekay,

    Thanks a lot. I´ll try add an A records from the ISP mail server ip´s to my DNS
    with the dnscommand recordadd, right?

    Something like:
    ISP´s pop server: 200.20.99.28 (pop.xxx.com.br)

    Dnscmd fcrb2.xxx.com.br /RecordAdd pop.xxx.com.br A 200.20.99.28. It´s
    right?


    But, if i configure outlook with the ip address instead of the name of the
    ISP´s mail server, i wont have the problem. It is right? The only problem is if
    the ISP ip´s change, ok?


    On Fri, 9 Jul 2004 21:03:23 -0400, "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote:

    >In news:ufcte0da61c1piqnilsd3gt26qch8jhqfn@4ax.com,
    >Marc Cubria <altzb@hotmail.com> asked for help and I offered my suggestions
    >below:
    >> Hi!
    >>
    >> Firstly, sorry about my poor english
    >>
    >> I have just one win2000 server with a DNS server and domain name
    >> XXX.com.br. This server dont communicate with Internet (we have just
    >> one machine to communicate with Internet, a proxy server with 2 lan
    >> cards using Winproxy) and our DNS server is configurated just to
    >> resolve names for win2000/XP workstations logon (i deleted the root
    >> zone) and have forwards to the ISP server. Our mail server is in the
    >> ISP with name pop.YYY.com.br and smtp.YYY.com.br. Now, the ISP want
    >> to change the domain name and use the same domain name that we use in
    >> the internal win2000 server pop.XXX.com.br and smtp.XXX.com.br. The
    >> problem is that our win2000 server cant resolve the name because is
    >> the same domain name and our server is authoritative. My server is
    >> not in mixed mode, so to rename my domain is so complicated and
    >> dangerous. What can i do to resolve this problem? Add a root hint to
    >> point to the ISP server resolve my problem?
    >>
    >> Thanks in advance,
    >>
    >> Marc Cubría - Rio de Janeiro, Brazil
    >
    >Easy fix - create the necessary A records (smtp, pop, ftp. etc etc) giving
    >them the actual external IP addresses.
    >
    >--
    >Regards,
    >Ace
    >
    >Please direct all replies ONLY to the Microsoft public newsgroups
    >so all can benefit.
    >
    >This posting is provided "AS-IS" with no warranties or guarantees
    >and confers no rights.
    >
    >Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    >Microsoft Windows MVP - Active Directory
    >
    >HAM AND EGGS: A day's work for a chicken;
    >A lifetime commitment for a pig.
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:1oh5f0l5uifoi9jvr5fl03f6bsfo3bo15l@4ax.com,
    Marc Cubria <altzb@hotmail.com> asked for help and I offered my suggestions
    below:
    > Dear
    >
    > Dear Ace Fekay,
    >
    > Thanks a lot. I´ll try add an A records from the ISP mail server
    > ip´s to my DNS with the dnscommand recordadd, right?
    >
    > Something like:
    > ISP´s pop server: 200.20.99.28 (pop.xxx.com.br)
    >
    > Dnscmd fcrb2.xxx.com.br /RecordAdd pop.xxx.com.br A 200.20.99.28.
    > It´s right?
    >
    >
    > But, if i configure outlook with the ip address instead of the name
    > of the ISP´s mail server, i wont have the problem. It is right? The
    > only problem is if the ISP ip´s change, ok?
    >
    >
    >

    Yes, use the ISP's pop server. You can use dnscmd if you like. Since its one
    record, I usually just go in and manually create it, its quicker. Dnscmd is
    more for batching mutliple tasks.

    Normally with mail services, records won't change. I can understand www
    records, which some ISPs change often or have multiple records, where a
    delegation will handle it better. If you feel that the records will change
    (don't know why the ISP would constantly change it) instead of creating an A
    record, instead create a delegation to "pop" and provide the nameservers on
    record for your domain name instead of the ISP's DNS address (unless they;re
    the same). This will insure that whatever the IP is, it will always resolve.
    Delegate all your reources this way.

    If you put the name in the client, and you have the necessary records setup,
    I do not see why it will not resolve, unless you have your client (and DCs)
    DNS addresses configured with something else other than your required
    internal DNS addresses (that AD uses).

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    Dear Ace Fekay,

    Again, Thanks for your help.

    I dont have much experience with DNS, so i would use the dnscmd command, now i
    used the dns manager, and WORKS!

    Thanks a lot.

    Marc Cubría - Rio de Janeiro, Brazil


    On Mon, 12 Jul 2004 13:48:32 -0400, "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote:

    >In news:1oh5f0l5uifoi9jvr5fl03f6bsfo3bo15l@4ax.com,
    >Marc Cubria <altzb@hotmail.com> asked for help and I offered my suggestions
    >below:
    >> Dear
    >>
    >> Dear Ace Fekay,
    >>
    >> Thanks a lot. I´ll try add an A records from the ISP mail server
    >> ip´s to my DNS with the dnscommand recordadd, right?
    >>
    >> Something like:
    >> ISP´s pop server: 200.20.99.28 (pop.xxx.com.br)
    >>
    >> Dnscmd fcrb2.xxx.com.br /RecordAdd pop.xxx.com.br A 200.20.99.28.
    >> It´s right?
    >>
    >>
    >> But, if i configure outlook with the ip address instead of the name
    >> of the ISP´s mail server, i wont have the problem. It is right? The
    >> only problem is if the ISP ip´s change, ok?
    >>
    >>
    >>
    >
    >Yes, use the ISP's pop server. You can use dnscmd if you like. Since its one
    >record, I usually just go in and manually create it, its quicker. Dnscmd is
    >more for batching mutliple tasks.
    >
    >Normally with mail services, records won't change. I can understand www
    >records, which some ISPs change often or have multiple records, where a
    >delegation will handle it better. If you feel that the records will change
    >(don't know why the ISP would constantly change it) instead of creating an A
    >record, instead create a delegation to "pop" and provide the nameservers on
    >record for your domain name instead of the ISP's DNS address (unless they;re
    >the same). This will insure that whatever the IP is, it will always resolve.
    >Delegate all your reources this way.
    >
    >If you put the name in the client, and you have the necessary records setup,
    >I do not see why it will not resolve, unless you have your client (and DCs)
    >DNS addresses configured with something else other than your required
    >internal DNS addresses (that AD uses).
    >
    >--
    >Regards,
    >Ace
    >
    >Please direct all replies ONLY to the Microsoft public newsgroups
    >so all can benefit.
    >
    >This posting is provided "AS-IS" with no warranties or guarantees
    >and confers no rights.
    >
    >Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    >Microsoft Windows MVP - Active Directory
    >
    >HAM AND EGGS: A day's work for a chicken;
    >A lifetime commitment for a pig.
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:mbq5f09mimbgtbk0p40k3d9hfgrcmglnuk@4ax.com,
    Marc Cubria <altzb@hotmail.com> asked for help and I offered my suggestions
    below:
    > Dear Ace Fekay,
    >
    > Again, Thanks for your help.
    >
    > I dont have much experience with DNS, so i would use the dnscmd
    > command, now i used the dns manager, and WORKS!
    >
    > Thanks a lot.
    >
    > Marc Cubría - Rio de Janeiro, Brazil
    >
    >

    My pleasure. Glad to hear it worked for you!

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
Ask a new question

Read More

Internet Service Providers Domain Name Servers Windows