• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 483
  • Last Modified:

Block domain zone company.local in Win2003 DNS Server from internet user

Dear All,

I have DNS with AD Integration in a Win2003.
That DNS Server has internal IP address.
It holding 2 domain zone company.local and company.com
How do I set Win2003 DNS Server so that zone company.local  can only be seen by internal user not by public user.
So that I am not exposing all internal server ip for public consumption.
1 solution is by using split DNS. 2 DNS Server, 1 for external user and 1 for internal. But that one mean I need to have 2 DNS server.

Any other idea

thanks
0
nbctcp
Asked:
nbctcp
1 Solution
 
northcideCommented:
you need two separate servers in a windows environment.  if you used BIND you could setup views that allow different answers to be given based on where the query comes from but microsoft dns doesnt hold that functionality....

you should never have public and private dns information on the same server as your AD server.  this is one of the most important security measures you address.  you are allowing the public (good and bad poeple) to touch your internal domain - big no no.
0
 
Computer101Commented:
Forced accept.

Computer101
EE Admin
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now