Solved

Multiple IPs on one NIC with the PC having Domain Controller running with Exchange (IIS) and Apache Web.

Posted on 2004-04-30
8
307 Views
Last Modified: 2010-04-12
What I would like to happen is this:

Have Domain Controller running exchange (IIS) bind to the first IP only and Apache bind to second IP only.  

What I have done so far:

Setup IIS to bind to only the first IP.
Setup apache to bind to second IP. Apache doesnt like this very much and wants all IPs so I set the apache to depnd on IIS to start so that IIS has a shot at getting the first IP before Apache tries to grab them all.
Setup different A records for both IPs in DNS.  

Problem I am having is:
DNS has the entries I made  -- DC1 --First IP, Apache1 --Second IP.  But the system keeps automatically putting in DC1 with both IPs and even though I delete the DC1 record with second IP it puts it back.  

Please help me get these two to get along...???
0
Comment
Question by:sbender99
  • 6
8 Comments
 
LVL 9

Expert Comment

by:jonoakley
ID: 10961977
Under Network connection properties TCP/IP properties --> Advanced-- >tab DNS un check Register this connection's address in DNS
0
 

Author Comment

by:sbender99
ID: 10961987
i tried that thinking that is what was happening but it didnt help the entries still came back.......
0
 
LVL 9

Expert Comment

by:jonoakley
ID: 10962854
0
 
LVL 9

Expert Comment

by:jonoakley
ID: 10962956
This addresses multiple zones and it doesn't really address restricting a singled out IPs on a multi addressed card.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 9

Expert Comment

by:jonoakley
ID: 10963148
This will stop DDNS on a DC Remember AD cannot function without good DNS data
So DNS will have to be maintained manually
http://support.microsoft.com/default.aspx?scid=kb;en-us;198767&Product=win2000
0
 
LVL 9

Accepted Solution

by:
jonoakley earned 500 total points
ID: 10963278
Open regedit and navigate to the interface you want disabled I don't see it as possible for distinct addresses
Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\interface-name
Name: DisableDynamicUpdate
Type: REG_DWORD
Value:
1 Disables dynamic update registration
0 Enables dynamic update registration
0
 
LVL 7

Expert Comment

by:rhrowson
ID: 10966991
As a side note running a web server on a DC from a security point of view is known as a bad thing... The combination is very hard to secure properly
0
 
LVL 9

Expert Comment

by:jonoakley
ID: 10977808
Totally concur with rhrowson. Running any program on a Microsoft DC that requires an exposed internet port ie email, internet web host,  communication... is shaky at best. It would be totally contrary to the thought process of anyone thinking along the security lines. As a DC, if the server is compromised the hacker not only has access to the exposed program but potentially the entire SAM or AD. That could be construed as one great big owie.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Find out what the Office 365 disclaimer function is, why you would use it and its limited ability to create Office 365 signatures.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now