DNS configuration on AD with server.org

Archived from groups: microsoft.public.win2000.dns (More info?)

I have a server gmmtp.org (192.168.254.234) and I need to
setup the DNS server with an AD. The problem happens when
I try to setup the TCP/IP Properties under the option use
the following DNS server addresses: I add my primary DNS
server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
SERVERS 206.141.192.60, 206.141.193.55. Users on the
network try to go to the internet and they can go to any
page except mail.gmmtp.org and gmmtp.org these two
addresses are hosted on a external server not locally. Is
there a way to grant access to all the users on my network
to these two addresses and still have the primary DNS
server 192.168.254.234. When I use SBC DNS addresses I
have access two both mail.gmmtp.org and gmmtp.org but to
login to the computers becomes a really long and slow
proccess due to the fact that the users will have to be
authenticated by first going to SBC DNS serfers and then
to ours.
Thank You
JULIO
3 answers Last reply
More about configuration server
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    Two problems.


    I add my primary DNS
    > server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
    > SERVERS 206.141.192.60, 206.141.193.55.

    Don't add your ISP's DNS server to this list. It should ONLY be a forwarder
    listed on your DNS server.
    ALL AD clients (servers, DCs, member servers, and clients MUST point to the
    DNS server set up for AD ONLY.)
    See:
    How to: Configure DNS for Internet Access In Windows 2000

    http://support.microsoft.com/default.aspx?scid=kb;en-us;300202


    Users on the
    > network try to go to the internet and they can go to any
    > page except mail.gmmtp.org and gmmtp.org these two
    > addresses are hosted on a external server not locally.


    Let me guess your AD domain name is gmmtp.org?

    In your DNS server, forward lookup zone, create a host called www and assign
    it the public IP address of your website.


    hth

    DDS W 2k MVP MCSE


    "Julio" <juliortiz78@hotmail.com> wrote in message
    news:509c01c473fc$fe2b2610$a601280a@phx.gbl...
    > I have a server gmmtp.org (192.168.254.234) and I need to
    > setup the DNS server with an AD. The problem happens when
    > I try to setup the TCP/IP Properties under the option use
    > the following DNS server addresses: I add my primary DNS
    > server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
    > SERVERS 206.141.192.60, 206.141.193.55. Users on the
    > network try to go to the internet and they can go to any
    > page except mail.gmmtp.org and gmmtp.org these two
    > addresses are hosted on a external server not locally. Is
    > there a way to grant access to all the users on my network
    > to these two addresses and still have the primary DNS
    > server 192.168.254.234. When I use SBC DNS addresses I
    > have access two both mail.gmmtp.org and gmmtp.org but to
    > login to the computers becomes a really long and slow
    > proccess due to the fact that the users will have to be
    > authenticated by first going to SBC DNS serfers and then
    > to ours.
    > Thank You
    > JULIO
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    I had a similar issue. you need to add A records to the 2 external servers
    under your DNS zone. also, if you are using ISA server, remove your domain
    from the LDT.

    CHeers

    Mark

    "Julio" <juliortiz78@hotmail.com> wrote in message
    news:509c01c473fc$fe2b2610$a601280a@phx.gbl...
    >I have a server gmmtp.org (192.168.254.234) and I need to
    > setup the DNS server with an AD. The problem happens when
    > I try to setup the TCP/IP Properties under the option use
    > the following DNS server addresses: I add my primary DNS
    > server: 192.168.254.234 ans Alternate DNS servers: SBC DNS
    > SERVERS 206.141.192.60, 206.141.193.55. Users on the
    > network try to go to the internet and they can go to any
    > page except mail.gmmtp.org and gmmtp.org these two
    > addresses are hosted on a external server not locally. Is
    > there a way to grant access to all the users on my network
    > to these two addresses and still have the primary DNS
    > server 192.168.254.234. When I use SBC DNS addresses I
    > have access two both mail.gmmtp.org and gmmtp.org but to
    > login to the computers becomes a really long and slow
    > proccess due to the fact that the users will have to be
    > authenticated by first going to SBC DNS serfers and then
    > to ours.
    > Thank You
    > JULIO
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:%23GCwKKBdEHA.3380@TK2MSFTNGP12.phx.gbl,
    Mark Scott <m@rk-5c0tt@8lu3y0nd3r.c0.uk> asked for help and I offered my
    suggestions below:
    > I had a similar issue. you need to add A records to the 2 external
    > servers under your DNS zone. also, if you are using ISA server,
    > remove your domain from the LDT.
    >
    > CHeers
    >
    > Mark
    >
    HI Mark,

    In any AD scenario, the ISP's DNS cannot be used for any AD members (DCs or
    clients), which is what's causing the long log on times for the poster. As
    Danny pointed out, only use the internal DNS.

    If he has a split horizon zone, which apparently it is, (same name internal
    and external), I would follow your suggestions to create records for:
    mail.gmmtp.org

    But I would not mess with the domain entry below, nor alter it on the
    internal DNS server.
    "gmmtp.org"

    It can be changed and forced with a registry entry to change it to the
    external website IP, but its not recommended.

    Why, you ask?
    Because this is called the LdapIpAddress that all DCs register into the zone
    with the IPs of each and every DC in the domain. It is used for when the
    client side extensions run the GetDcList function to apply GPOs,
    specifically it queries for:
    \\gmmtp.org\sysvol\gmmtp.org\policies\{GUID#ofThePolicy}

    DFS also uses it.

    Split horizon zones are problematic with this when the client needs to get
    to their domain by http://gmmtp.org. May live without it and just use
    www.gmmtp.org. Both the www and the mail records need to be created, as you
    indicated, with the external IP addresses on the internal DNS.


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
Ask a new question

Read More

Configuration DNS Servers Windows