Solved

howto: Wildcard subdomain delegate under Windows server

Posted on 2007-03-20
3
1,637 Views
Last Modified: 2008-05-31
To DNS guru's:

I have a global DNS domain called "myname.com", I have the same domain internally for my active directory with integrated DNS (Shadow dns).

The issue that I'm encountering is that when I try to reach a subdomain of "myname.com" from my internal network that it will not be resolved because on my internet dns server because it is looking into my internal dns server (Where the record doesn't exist)

So as a solution I was thinking to delegate internally a wildcard of my domain "*.myname.com" , hoping that when my internal dns can't resolve it, that it will forward the query to the external dns server.

But it doesn't work, can anyone help ?
0
Comment
Question by:sebastienbo
  • 2
3 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 18754905

You cannot delegate a Wildcard, it simply doesn't work and there's no way to make it work.

This is down to the implementation of the Wildcard in MS DNS. No two implementations of this mechanic seem to be the same, and none really match the RFC which doesn't do what people expect anyway.

You would have to delegate a Subdomain explicitly, or add any records you need within the main domain.

Sorry.

Chris
0
 
LVL 5

Author Comment

by:sebastienbo
ID: 18754949
Well if delegate won't work, is there another solution?

The AD integrated dns offers an option forwarders or conditional forwarders, but thos have effect on a complete domain/zone or on any domain/zone which isn't found in the local dns database.

Under linux I know that you could forward wildcards ns requests to another ns server, windows doesn't le you do that ?
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 18754973

Nope, Windows DNS isn't BIND I'm afraid, the two implementations of Wildcards aren't the same (helpful isn't it?).

The only solution is to manually add specific delegations or specific conditional forwarders / stub zones for the Sub-Domains.

It won't forward or attempt to further resolve anything beneath a domain it's authoritative for unless you tell it to.

Chris
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question