Active Directory, DNS, and ISP hosted domains

Guest
Archived from groups: microsoft.public.win2000.dns

Hello. I'm having trouble with a new Windows 2000 Advanced Server
installation. Everything is working great (internet, local logins, etc.)
except for one thing.

I set up the domain the same as the internet presence of the organization.
For example, their internet domain name is organization.com and their Active
Directory domain is organization.com. However, their website and email are
hosted on the internet. Whenever a local request is issued by a client for
organization.com, the WIN2K server intercepts the requests and then
subsequently times out. This happens for both web and mail traffic. The
local users can't get to their website and they can't send or receive email.
How do I fix this problem so that the WIN2K server sends requests for
organization.com on out to the proper place on the internet?

Thank you. :o)
 
Guest

Your DNS claims to be authoritative for "organization.com" so it sees no need to forward any queries it receives. It should however
just return a negative response, not a timeout.

You simply need to create "shadow" entries in your local zone's DNS server for the various public names. For example, if
www.organization.net is 111.22.3.4, then you need to add an A record to your inside DNS server for www to point to this IP. That's
all. If you have a mail server you'll need to replicate the MX record(s) also.

Having to maintain these shadow entries can be a little annoying. One trick you can use is to create a delegation record instead of
an A record for the name. The delegated name servers for this name will be the public DNS name servers for your domain. This just
avoids the need to track changes manually to the IP address because your server now forwards queries to the public name server for
that name. Don't worry about it if you're not comfortable with this - creating A/MX/CNAME records works just fine, and there usually
aren't very many of them for the average domain.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.

"Fyrestryke" <Fyrestryke@discussions.microsoft.com> wrote in message news:109F4C8B-B2EF-4DBA-8592-6D0BC8B6546B@microsoft.com...
> Hello. I'm having trouble with a new Windows 2000 Advanced Server
> installation. Everything is working great (internet, local logins, etc.)
> except for one thing.
>
> I set up the domain the same as the internet presence of the organization.
> For example, their internet domain name is organization.com and their Active
> Directory domain is organization.com. However, their website and email are
> hosted on the internet. Whenever a local request is issued by a client for
> organization.com, the WIN2K server intercepts the requests and then
> subsequently times out. This happens for both web and mail traffic. The
> local users can't get to their website and they can't send or receive email.
> How do I fix this problem so that the WIN2K server sends requests for
> organization.com on out to the proper place on the internet?
>
> Thank you. :o)
 
Guest

Thanks, Steve. I'm pretty sure the delegation is going to take care of it.
Delegation is the best option since the organization doesn't have in-house IT
staff. :)
 
Guest

Well, I set up a delegation for *.organization.com and another for
mail.organization.com and everything worked great!...for about 3 to 4 hours.
Now, no one can access mail.organization.com anymore. Do I need to set up an
MX record? I'm unsure why the delegation worked for a time and then quit?
 
Guest

"" wrote:
> Hello. I'm having trouble with a new Windows 2000 Advanced Server
> installation. Everything is working great (internet, local logins, etc.)
> except for one thing.
>
> I set up the domain the same as the internet presence of the organization.
> For example, their internet domain name is organization.com and their Active
> Directory domain is organization.com. However, their website and email are
> hosted on the internet. Whenever a local request is issued by a client for
> organization.com, the WIN2K server intercepts the requests and then
> subsequently times out. This happens for both web and mail traffic. The
> local users can't get to their website and they can't send or receive email.
> How do I fix this problem so that the WIN2K server sends requests for
> organization.com on out to the proper place on the internet?
>
> Thank you. :o)

Add the www and the smtp records to the internal zone.

Cheers,

 
Guest

You definitely need a local MX record - this is not a delegation, but it can refer to the name you delegated.

It continued to work because clients cache this sort of information. You should use nslookup after you set up your configuration -
this bypasses client caching and will verify that your names can be queried successfully. Alternatively, you can use ipconfig
/flushdns on a client to clear the cache and force names to be re-resolved.

Steve Duff, MCSE
Ergodic Systems, Inc.

"Fyrestryke" <Fyrestryke@discussions.microsoft.com> wrote in message news:9087D890-27D2-4B23-97CF-471762B50662@microsoft.com...
> Well, I set up a delegation for *.organization.com and another for
> mail.organization.com and everything worked great!...for about 3 to 4 hours.
> Now, no one can access mail.organization.com anymore. Do I need to set up an
> MX record? I'm unsure why the delegation worked for a time and then quit?
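
The shadow-record maintenance and the local MX requirement discussed in the replies above can be checked offline with a small audit. The following is an added example, not code from any poster in this thread; it goes slightly beyond the thread by classifying every public record as ok, stale, missing, or delegated. All zone data is constructed for illustration, and `ns1.isp-example.net` and the `.5`/`.9` addresses are hypothetical.

```python
# Added example: audit an internal (AD) zone against the public zone of the
# same name. Zone contents are constructed sample data, not real records.
PUBLIC_ZONE = """\
www   IN A   111.22.3.4
mail  IN A   111.22.3.5                   ; constructed address
@     IN MX  10 mail.organization.com.
"""

INTERNAL_ZONE = """\
dc1   IN A   192.168.1.10                 ; domain controller, internal only
www   IN A   111.22.3.9                   ; shadow record that has drifted
mail  IN NS  ns1.isp-example.net.         ; delegation (hypothetical server)
"""

def parse(zone_text):
    """Parse simplified 'owner IN type rdata' lines into {(owner, type): {rdata}}."""
    records = {}
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments
        if not line:
            continue
        owner, _cls, rtype, rdata = line.split(None, 3)
        key = (owner.lower(), rtype.upper())
        records.setdefault(key, set()).add(" ".join(rdata.split()).lower())
    return records

def audit(public_text, internal_text):
    """Classify each public record by how inside clients will see it."""
    public, internal = parse(public_text), parse(internal_text)
    # Names handed off to the public servers; the zone apex (@) is never one.
    delegated = {o for (o, t) in internal if t == "NS" and o != "@"}
    findings = []
    for (owner, rtype), rdata in sorted(public.items()):
        if any(owner == d or owner.endswith("." + d) for d in delegated):
            status = "delegated"   # resolved by the public servers, no drift
        elif (owner, rtype) not in internal:
            status = "missing"     # internal server answers negatively
        elif internal[(owner, rtype)] != rdata:
            status = "stale"       # shadow record no longer matches public
        else:
            status = "ok"
        findings.append((owner, rtype, status))
    return findings

if __name__ == "__main__":
    for owner, rtype, status in audit(PUBLIC_ZONE, INTERNAL_ZONE):
        print(f"{owner:6} {rtype:4} {status}")
```

The missing apex MX in the sample is the situation described in the last reply: the delegation covers `mail`, but the MX record itself still has to exist in the internal zone.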