taiell0
asked on
Lockdown internet using DNS server
I tried something yesterday that didn't work very well and I'm hoping you can spot the error.
A client of ours wanted to lock down the internet for their users while keeping the managers free to do whatever.
There are 2 DNS servers there. One forwards out to the internet and I configured the second as a forwarder to opendns.com. DNS2 was configured as a secondary zone to DNS1. I put the 4 XP computer accounts into their own OU and applied a group policy to assign DNS2 as their DNS server.
When the policy replicated, however, they didn't have access to their main database (hosted on DNS1) or the Internet.
I ended up having to undo the whole solution last night and now we're back where we started - with DNS2 disabled and all machines pointing to DNS1.
What do you guys think?