How do I set up a DNS infrastructure using Windows Server 2008?

Posted on 2010-01-02
Last Modified: 2012-05-08
I own and the domain is registered through eNom.  It is not bound to any web host at the moment.

Using Amazon EC2, I am creating a Windows Server 2008 instance to be an Active Directory domain controller and I chose as my domain.  I am also going to create a separate web server and a separate Exchange server.

What is the appropriate way to configure a DNS server so that Active Directory works properly, and I can continue to add servers (such as  Would I need to add each entry to the settings on eNom, or can I configure a DNS server that will do this?  I need to know how to create a name server and what I should point the eNom settings to so that I can successfully use as a domain both in Active Directory and on the internet.
Question by:smkudelko
    LVL 74

    Accepted Solution

    Your external domain name is completely different to your internal domain name.

    Are you planning on hosting your website on your own servers?  You will still need to sign up to an Internet name service for example this will allow you to set up A records for your domain name so that it can be accessed from the Internet.

    You then set up your domain controller (I personally prefer to use teamspearfish.local but it's not essential): you install Windows Server and run DCPROMO, and as part of the DCPROMO process you install DNS (you have to select this option during the DCPROMO).

    Then later, when you install Exchange, it will be a member server of your internal domain (teamspearfish.local) and you configure accepted domains for allowing you to send mail from that domain name.
    LVL 2

    Expert Comment

    1. Register your domain name @any ISP like

    2. Set up your Domain Controller locally with DNS having the information for 'A' & 'MX' records & Zone as registered @ISP. Also make sure proper preferred DNS to be configured and ISP DNS need to be configured @DNS forwarders.

    3. Install Exchange server internally as a member of Domain Controller & certificate as necessary.

    4. Set up Webserver @ISP end or locally on DC having public IP configured @firewall to forward the request to the webserver. I recommend dedicating a separate server because of load on DC.

    If any queries please update.

    LVL 27

    Expert Comment

    by:Jason Watkins

    I would use a different domain name for my internal, Active Directory domain than what is publicly resolvable from the public Internet. Have the internal domain be something like teamspearfish.local, or

    Is a public web-host going to be responsible for the domain's DNS, or are you going to handle that? Having separate DNS zones for internal and external queries can make things much more secure.
    LVL 74

    Expert Comment

    by:Glen Knight
    "1. Register your domain name @any ISP like

    you only need to register, and would be A records for

    "2. Set up your Domain Controller locally with DNS having the information for 'A' & 'MX' records & Zone as registered @ISP. Also make sure proper preferred DNS to be configured and ISP DNS need to be configured @DNS forwarders."

    Please don't do this; your MX records should be held with your ISP along with any A records that you want used by the public.

    Your internal servers should all point to your INTERNAL DNS servers, not your external ones. You then use root hints (set up by default) or forwarders if you find your root hints to be unreliable as per:
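
Added example, not part of the thread above: a small audit of the rule in the last comment, that domain members list only the internal DNS server as their resolver. It parses saved `ipconfig /all` output; the host names, addresses and the `INTERNAL_DNS` set are constructed assumptions.

```python
import ipaddress
import re

# Assumed address of the domain controller that runs the internal DNS service.
INTERNAL_DNS = {"10.0.0.10"}

# Constructed `ipconfig /all` excerpts from two hypothetical member servers.
SAMPLE = {
    "EXCH01": """Ethernet adapter Local Area Connection:
   IPv4 Address. . . . . . . . . . . : 10.0.0.20(Preferred)
   DNS Servers . . . . . . . . . . . : 10.0.0.10
   NetBIOS over Tcpip. . . . . . . . : Enabled
""",
    "WEB01": """Ethernet adapter Local Area Connection:
   IPv4 Address. . . . . . . . . . . : 10.0.0.30(Preferred)
   DNS Servers . . . . . . . . . . . : 10.0.0.10
                                       192.0.2.53
   NetBIOS over Tcpip. . . . . . . . : Enabled
""",
}

DNS_LINE = re.compile(r"^\s+DNS Servers[ .]*:\s*(\S+)\s*$")
CONT_LINE = re.compile(r"^\s+(\S+)\s*$")  # extra servers sit alone on a line

def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def dns_servers(ipconfig_text):
    """Return the DNS servers listed in `ipconfig /all` output, in order."""
    servers, in_block = [], False
    for line in ipconfig_text.splitlines():
        m = DNS_LINE.match(line)
        if m is None and in_block:
            m = CONT_LINE.match(line)
        if m and _is_ip(m.group(1)):
            servers.append(m.group(1))
            in_block = True
        else:
            in_block = False
    return servers

def audit(outputs, internal_dns):
    """Map each host to the resolvers it lists that are not internal DNS."""
    findings = {}
    for host, text in outputs.items():
        servers = dns_servers(text)
        bad = [s for s in servers if s not in internal_dns]
        if bad or not servers:
            findings[host] = bad or ["<none configured>"]
    return findings
```

A host that appears in the result sends some lookups to a resolver that has no copy of the Active Directory zone, so the fix is to remove that entry from the adapter and let the internal DNS server reach the Internet through root hints or forwarders.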
