Pointing to new IP temporarily

Hello everyone,

We have a domain setup here, where the domain controller provides DHCP/DNS/Active Directory services.  All the client terminals have the domain controller in their DNS settings (Network Settings).

One of our mail servers went down, and we moved its location.  So, current CNAMEs/DNS resolution is not fully transferred, however clients need access to their emails while I wait for the transition.

So, I thought I would modify the hosts file on the domain controller to have an entry like:  200.234.342.343     mail.somedomain.net.   It works great when I ping mail.somedomain.net from the domain controller itself, but the client terminal doesn't resolve it and tries to go to the old IP.  I've already flushed DNS on the domain controller and client terminal, so I'm unsure of what to do at this point.  Any clues?  We're using Win Serv 2008 R2.

DanAgaDK Commented:
The hosts file on the server only circumvents local name resolution on that server - it does not influence the way clients get their name resolution though the DNS service in that same server.
As I understand, you want your internal client to find their way to the temporary IP address of the mail server and thus internally override the IP address they get when asking for mail.somedomain.net.
In the DNS management console, add a new zone under Forward Lookup Zones. You can choose to store it in AD or not (I'd prefer not to as it is irrelevant for your local AD). The name of the zone must be the name (the hostname) of your mail server, mail.somedomain.net.
Once the zone is created, you add an A record which must be blank - thus adding an IP address for the name of the zone, which is the mail server temporary IP.
Make sure the TTL is appropriately low, so when you need to change back, the changes take effect at the maximum of the TTL value - e.g. 5 minutes.
Clients may need to clear their perception (client cache) of the old IP, which may be held for a much longer (outside) TTL for the same name. To clear the clients' cache either reboot them or simply issue this command on each client:  ipconfig /flushdns
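The procedure in the comment above, as an added example that is not from this thread: it scripts the single-host override zone plus its blank A record on a Windows Server 2008 R2 DNS server via dnscmd.exe (the DnsServer PowerShell module is not available on 2008 R2), with a client-side check and the revert step. The hostname, the 192.0.2.10 address, the 300-second TTL and the function names are placeholders/assumptions.

```powershell
# Added example, not code from the thread. Run from an elevated PowerShell prompt on the
# DC that hosts the DNS role. 192.0.2.10 is a constructed TEST-NET placeholder, not a real IP.
$HostName   = 'mail.somedomain.net'   # zone name must equal the one hostname being overridden
$TempIp     = '192.0.2.10'            # placeholder: temporary address of the moved mail server
$TtlSeconds = 300                     # 5 minutes, so reverting later takes effect quickly

function New-TemporaryOverrideZone {
    param([string]$Name, [string]$Ip, [int]$Ttl)
    # File-backed primary zone (not AD-integrated), named exactly as the host's FQDN.
    & dnscmd.exe /ZoneAdd $Name /Primary /file "$Name.dns"
    if ($LASTEXITCODE -ne 0) { throw "ZoneAdd failed for $Name" }
    # '@' is the zone apex, i.e. the "blank" A record; the numeric field before 'A' is the TTL.
    # Clients asking this server for $Name now get $Ip instead of the public answer.
    & dnscmd.exe /RecordAdd $Name '@' $Ttl A $Ip
    if ($LASTEXITCODE -ne 0) { throw "RecordAdd failed for $Name" }
}

function Remove-TemporaryOverrideZone {
    param([string]$Name)
    # Deleting the zone restores normal forwarded/recursive resolution for the name.
    & dnscmd.exe /ZoneDelete $Name /f
}

function Test-OverrideFromClient {
    param([string]$Name, [string]$DnsServer, [string]$ExpectedIp)
    # Run on a client after 'ipconfig /flushdns': query the DC directly and confirm
    # the temporary address is what it hands out.
    $out = & nslookup.exe $Name $DnsServer 2>&1 | Out-String
    return ($out -match [regex]::Escape($ExpectedIp))
}

New-TemporaryOverrideZone -Name $HostName -Ip $TempIp -Ttl $TtlSeconds
& dnscmd.exe /ZonePrint $HostName   # sanity check: the apex A record should be listed
# When the public CNAME/MX/A records are back in order:
# Remove-TemporaryOverrideZone -Name $HostName
```

If the DC is already authoritative for somedomain.net internally, skip the new zone and edit the existing A record for mail instead; the override zone is only for names that would otherwise be resolved from outside.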
Krzysztof Pytko, Senior Active Directory Engineer, Commented:
Create a temporary A record for this IP address in your DNS server.
Krzysztof Pytko, Senior Active Directory Engineer, Commented:
of course clear hosts file on DC then :)
If the transition is all at once, then
  if you have this set up correctly, you should be using a DNS entry for your mail server.  Just modify the DNS entry.  Then when they look for mail.somedomain.net, they will get the new address.  Once the new server is up with the old IP address, then just modify the DNS entry again.

If the transition is gradual, then
  set up a hosts file on a share and use GP to configure the affected clients to use the shared hosts file.  This way you can move over just a few at a time.
@DanAgaDK I'm confused, why is a new zone required?
Darius Ghassem Commented:
The hosts file will not work. You need to change the CNAME, MX, and other records for the mail server to point to the new IP address.
The new zone is needed for the DNS server to have some (local only) data to serve to your clients internally. The A record inside that zone file is exactly the data that the DNS server will feed your clients. Without that data, the DNS server would instead attempt to retrieve the publicly available data outside on the Internet. With the internal data you override the public data.
That answer is based on the assumption that you only need for YOUR local clients to point to this temporary address.
IF you need the whole Internet to repoint to the temporary address, then you need to make the change on the A record pointing to the old IP (and make that point to the new).
For any public host names referred to in an MX record please remember that, as per the RFCs (can't remember which), you should use A records for mail servers and not CNAME records (pointing to an A record). Likewise, the PTR record for the IP involved should also point back to the correct name, also by which the server identifies itself when sending mails. Some receiving mail servers will otherwise reject connections if these requirements are not met.
- but the last half of this post is irrelevant for internal only visible changes... :-)
metazend (Author) Commented:
That was brilliant. Clear, concise, and it works. Thanks Dan.
I'm just trying to make sure I understand this so don't get upset, but...

@Dan are you assuming that there is no local dns?  Because I was assuming that an internal DNS already existed and there was an entry pointing to the email server.

@dariusg Why won't the host file work? You can point your operating system to use a shared host file on the network.  Windows will check the host file before the dns.  Using Group Policy, you can choose which computers use the shared host files and those who don't.  This is a workable solution for repointing some computers and not others.  Am I wrong here?  
metazend (Author) Commented:
Hi rfportilla,

Actually, I think that's a decent solution as well (group policy), but I have different ones set up for different groups, although I suppose I could have done this using a parent policy, but Dan's suggestion worked very quickly and it's fairly easy to keep track of it.  I had initially just tried it by modifying the hosts file on the DNS server thinking that it would propagate to clients on the LAN since it affected the DNS server it was modified on.  I think that's what dariusg was saying won't work, but he's thinking we didn't change the CNAME, MX, etc. for public records, which has been done already, so he made that suggestion.

The situation stipulated was that this solution was only for local clients on the LAN to point to the new address, while CNAME, MX and such are in transition.  Although it's not supposed to take too long, users can't do with more than a few hours of no e-mail.  Just trying to minimize downtime.

It's working great now thanks guys :)
Thanks Metazend.  I'm glad that worked.  My last comment wasn't really directed at you.  I just wanted clarification from Dan and Dariusg.  Like Dan, I was proposing a DNS solution, but I assumed that you had a DNS entry in place already.  And if you have a DNS entry already, there is no need to create a new zone.  Regarding dariusg, I wanted to make sure he wasn't suggesting that my hosts solution would not work b/c I've done it before.  ;-)  