Sign in with
Sign up | Sign in
Your question

Active Directory, DNS, and ISP hosted domains

Last response: in Windows 2000/NT
Share
Anonymous
June 30, 2005 5:43:06 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello. I'm having trouble with a new Windows 2000 Advanced Server
installation. Everything is working great (internet, local logins, etc.)
except for one thing.

I setup the domain the same as the internet presence of the organization.
For example, their internet domain name is organization.com and their Active
Directory domain is organization.com. However, their website and email are
hosted on the internet. Whenever a local request is issued by a client for
organization.com, the WIN2K server intercepts the requests and then
subsequnetly times out. This happens for both web and mail traffic. The
local users can't get to their website and they can't send or receive email.
How do I fix this problem so that the WIN2K server sends requests for
organization.com on out to the proper place on the internet?

Thank you. :o )
Anonymous
June 30, 2005 10:08:44 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Your DNS claims to be authoritative for "organization.com" so it sees no need to forward any queries it receives. It should however
just return a negative response, not a timeout.

You simply need to create "shadow" entries in your local zone's DNS server for the various public names. For example, if
www.organization.net is 111.22.3.4, then you need to add an A record to your inside DNS server for www to point to this IP. That's
all. If you have a mail server you'll need to replicate the MX record(s) also.

Having to maintain these shadow entries can be a little annoying. One trick you can use is to create a delegation record instead of
an A record for the name. The delegated name servers for this name will be the public DNS name servers for your domain. This just
avoids the need to track changes manually to the IP address because your server now forwards queries to the public name server for
that name. Don't worry about it if you're not comfortable with this - creating A/MX/CNAME records works just fine, and there usually
aren't very many of them for the average domain.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.

"Fyrestryke" <Fyrestryke@discussions.microsoft.com> wrote in message news:109F4C8B-B2EF-4DBA-8592-6D0BC8B6546B@microsoft.com...
> Hello. I'm having trouble with a new Windows 2000 Advanced Server
> installation. Everything is working great (internet, local logins, etc.)
> except for one thing.
>
> I setup the domain the same as the internet presence of the organization.
> For example, their internet domain name is organization.com and their Active
> Directory domain is organization.com. However, their website and email are
> hosted on the internet. Whenever a local request is issued by a client for
> organization.com, the WIN2K server intercepts the requests and then
> subsequnetly times out. This happens for both web and mail traffic. The
> local users can't get to their website and they can't send or receive email.
> How do I fix this problem so that the WIN2K server sends requests for
> organization.com on out to the proper place on the internet?
>
> Thank you. :o )
Anonymous
July 1, 2005 11:42:03 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Thanks, Steve. I'm pretty sure the delegation is going to take care of it.
Delegation is the best option since the organization doesn't have in-house IT
staff. :) 
Related resources
Anonymous
July 1, 2005 5:57:03 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Well, I setup a delegation for *.organization.com and another for
mail.organization.com and everything worked great!...for about 3 to 4 hours.
Now, no one can access mail.organization.com anymore. Do I need to setup an
MX record? I'm unsure why the delegation worked for a time and then quit?
Anonymous
July 2, 2005 3:39:18 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

"" wrote:
> Hello. I'm having trouble with a new Windows 2000 Advanced
> Server
> installation. Everything is working great (internet, local
> logins, etc.)
> except for one thing.
>
> I setup the domain the same as the internet presence of the
> organization.
> For example, their internet domain name is organization.com
> and their Active
> Directory domain is organization.com. However, their website
> and email are
> hosted on the internet. Whenever a local request is issued by
> a client for
> organization.com, the WIN2K server intercepts the requests and
> then
> subsequnetly times out. This happens for both web and mail
> traffic. The
> local users can't get to their website and they can't send or
> receive email.
> How do I fix this problem so that the WIN2K server sends
> requests for
> organization.com on out to the proper place on the internet?
>
> Thank you. :o )

add the www and the smtp records to the internal zone

Cheers,

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/DNS-Active-Directory-ISP-h...
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1749315
Anonymous
July 3, 2005 8:00:58 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

You definitely need a local MX record - this is not a delegation, but it can refer to the name you delegated.

It continued to work because clients cache this sort of information. You should use nslookup after you setup your configuration -
this bypasses client caching and will verify that your names can be queried successfully. Alternatively, you can use ipconfig
/flushdns on a client to clear the cache and force names to be re-resolved.

Steve Duff, MCSE
Ergodic Systems, Inc.

"Fyrestryke" <Fyrestryke@discussions.microsoft.com> wrote in message news:9087D890-27D2-4B23-97CF-471762B50662@microsoft.com...
> Well, I setup a delegation for *.organization.com and another for
> mail.organization.com and everything worked great!...for about 3 to 4 hours.
> Now, no one can access mail.organization.com anymore. Do I need to setup an
> MX record? I'm unsure why the delegation worked for a time and then quit?
!