Sign in with
Sign up | Sign in
Your question

DNS configuration on AD with server.org

Tags:
  • Configuration
  • DNS
  • Servers
  • Windows
Last response: in Windows 2000/NT
Share
July 27, 2004 2:13:10 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

I have a server gmmtp.org (192.168.254.234) and I need to
setup the DNS server with an AD. The problem happens when
I try to setup the TCP/IP Properties under the option use
the following DNS server addresses: I add my primary DNS
server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
SERVERS 206.141.192.60, 206.141.193.55. Users on the
network try to go to the internet and they can go to any
page except mail.gmmtp.org and gmmtp.org these two
addresses are hosted on a external server not locally. Is
there a way to grant access to all the users on my network
to these two addresses and still have the primary DNS
server 192.168.254.234. When I use SBC DNS addresses I
have access two both mail.gmmtp.org and gmmtp.org but to
login to the computers becomes a really long and slow
proccess due to the fact that the users will have to be
authenticated by first going to SBC DNS serfers and then
to ours.
Thank You
JULIO

More about : dns configuration server org

Anonymous
July 27, 2004 6:07:38 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Two problems.


I add my primary DNS
> server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
> SERVERS 206.141.192.60, 206.141.193.55.

Don't add your ISP's DNS server to this list. It should ONLY be a forwarder
listed on your DNS server.
ALL AD clients (servers, DCs, member servers, and clients MUST point to the
DNS server set up for AD ONLY.)
See:
How to: Configure DNS for Internet Access In Windows 2000

http://support.microsoft.com/default.aspx?scid=kb;en-us;300202





Users on the
> network try to go to the internet and they can go to any
> page except mail.gmmtp.org and gmmtp.org these two
> addresses are hosted on a external server not locally.



Let me guess your AD domain name is gmmtp.org?

In your DNS server, forward lookup zone, create a host called www and assign
it the public IP address of your website.



hth

DDS W 2k MVP MCSE



"Julio" <juliortiz78@hotmail.com> wrote in message
news:509c01c473fc$fe2b2610$a601280a@phx.gbl...
> I have a server gmmtp.org (192.168.254.234) and I need to
> setup the DNS server with an AD. The problem happens when
> I try to setup the TCP/IP Properties under the option use
> the following DNS server addresses: I add my primary DNS
> server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
> SERVERS 206.141.192.60, 206.141.193.55. Users on the
> network try to go to the internet and they can go to any
> page except mail.gmmtp.org and gmmtp.org these two
> addresses are hosted on a external server not locally. Is
> there a way to grant access to all the users on my network
> to these two addresses and still have the primary DNS
> server 192.168.254.234. When I use SBC DNS addresses I
> have access two both mail.gmmtp.org and gmmtp.org but to
> login to the computers becomes a really long and slow
> proccess due to the fact that the users will have to be
> authenticated by first going to SBC DNS serfers and then
> to ours.
> Thank You
> JULIO
Anonymous
July 28, 2004 12:47:29 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

I had a similar issue. you need to add A records to the 2 external servers
under your DNS zone. also, if you are using ISA server, remove your domain
from the LDT.

CHeers

Mark

"Julio" <juliortiz78@hotmail.com> wrote in message
news:509c01c473fc$fe2b2610$a601280a@phx.gbl...
>I have a server gmmtp.org (192.168.254.234) and I need to
> setup the DNS server with an AD. The problem happens when
> I try to setup the TCP/IP Properties under the option use
> the following DNS server addresses: I add my primary DNS
> server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
> SERVERS 206.141.192.60, 206.141.193.55. Users on the
> network try to go to the internet and they can go to any
> page except mail.gmmtp.org and gmmtp.org these two
> addresses are hosted on a external server not locally. Is
> there a way to grant access to all the users on my network
> to these two addresses and still have the primary DNS
> server 192.168.254.234. When I use SBC DNS addresses I
> have access two both mail.gmmtp.org and gmmtp.org but to
> login to the computers becomes a really long and slow
> proccess due to the fact that the users will have to be
> authenticated by first going to SBC DNS serfers and then
> to ours.
> Thank You
> JULIO
Anonymous
July 28, 2004 12:47:30 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:%23GCwKKBdEHA.3380@TK2MSFTNGP12.phx.gbl,
Mark Scott <m@rk-5c0tt@8lu3y0nd3r.c0.uk> asked for help and I offered my
suggestions below:
> I had a similar issue. you need to add A records to the 2 external
> servers under your DNS zone. also, if you are using ISA server,
> remove your domain from the LDT.
>
> CHeers
>
> Mark
>
HI Mark,

In any AD scenario, the ISP's DNS cannot be used for any AD members (DCs or
clients), which is what's causing the long log on times for the poster. As
Danny pointed out, only use the internal DNS.

If he has a split horizon zone, which apparently it is, (same name internal
and external), I would follow your suggestions to create records for:
mail.gmmtp.org

But I would not mess with the domain entry below, nor alter it on the
internal DNS server.
"gmmtp.org"

It can be changed and forced with a registry entry to change it to the
external website IP, but its not recommended.

Why, you ask?
Because this is called the LdapIpAddress that all DCs register into the zone
with the IPs of each and every DC in the domain. It is used for when the
client side extensions run the GetDcList function to apply GPOs,
specifically it queries for:
\\gmmtp.org\sysvol\gmmtp.org\policies\{GUID#ofThePolicy}

DFS also uses it.

Split horizon zones are problematic with this when the client needs to get
to their domain by http://gmmtp.org. May live without it and just use
www.gmmtp.org. Both the www and the mail records need to be created, as you
indicated, with the external IP addresses on the internal DNS.



--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
!