Connection to External DNS Server

Hi,
I have an AD Integrated DNS Server + Domain Controller running on Windows 2003. Client PCs are authenticated via this AD root Domain, DNS server.

Scenario: Client PCs are authenticated to my AD Integrated DNS Server + Domain Controller. However, there is a new requirement whereby these PCs need to communicate with an external DNS server as well. For example, when they need to access webmail.XXX.com from their PCs, this should route to an external DNS server as long as it realises that there is no such entry in my AD Integrated DNS Server + Domain Controller. We cannot add a forwarder, primarily as it's a root "." server. We might not be able to delete the root and restart the DNS service due to any possible production issues etc.

If I create a standalone DNS server with perhaps a forwarder request to an external DNS server, and if I want my client PCs to be able to send a request when required (e.g. when they need to access webmail.xxx.com), what should I do?
- Does my external DNS server need to be in the domain as well?
- Do I need to add an additional entry in my AD Integrated DNS Server + Domain Controller with an entry of my standalone DNS server (hostname + IP)?

What other alternatives are there, please?
Asked by: GGMU

Leon Fester (Senior Solutions Architect) commented:
DNS will only look at the second DNS server in your list if the first server is unavailable.

If the primary DNS server does not have the record, then your PC won't ask the secondary DNS server if the primary DNS server has responded about the record.

npinfotech commented:
There is a second DNS server listed on every network adapter; if your network is small, you may be able to get away with just adding an external DNS server to every client.

If you use DHCP, just add a second (external) DNS server in the properties of the DHCP server.

Leon Fester (Senior Solutions Architect) commented:
What are the names of the DNS zones that you already have?
Do users need to access domain XXX.com for any other servers/services?

If not then create a zone on your DNS server called XXX.com.
Next, create a Host A record for webmail and give it the external address.
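
A simplified model of the client behaviour described in the answers above, added here as an illustration and not code from the thread. The `Server` class, `client_resolve`, the host names and the addresses are constructed assumptions; `webmail.example.com` stands in for webmail.XXX.com.

```python
from dataclasses import dataclass, field

TIMEOUT, NXDOMAIN, NOERROR = "TIMEOUT", "NXDOMAIN", "NOERROR"

@dataclass
class Server:
    name: str
    records: dict = field(default_factory=dict)   # fqdn -> IPv4 address
    reachable: bool = True

    def query(self, fqdn):
        if not self.reachable:
            return TIMEOUT, None                  # no response at all
        if fqdn in self.records:
            return NOERROR, self.records[fqdn]
        return NXDOMAIN, None                     # "no such name" is still a response

def client_resolve(fqdn, dns_list):
    """Walk the client's DNS server list; move on only when a server does not respond."""
    asked = []
    for server in dns_list:
        asked.append(server.name)
        rcode, addr = server.query(fqdn)
        if rcode != TIMEOUT:                      # any response, positive or negative, ends the lookup
            return rcode, addr, asked
    return TIMEOUT, None, asked

def scenarios():
    web = "webmail.example.com"                   # constructed stand-in for webmail.XXX.com
    internal = "pc1.corp.example"                 # constructed internal AD host name
    external = Server("external", {web: "203.0.113.25"})
    dc = Server("dc1", {internal: "192.0.2.10"})  # root "." server, no forwarder
    out = {}
    # External server added as a second entry: dc1 answers "not found", external is never asked.
    out["external listed second"] = client_resolve(web, [dc, external])
    # Listing the external server first breaks internal names instead.
    out["external listed first"] = client_resolve(internal, [external, dc])
    # The list is only walked when dc1 gives no response.
    dc.reachable = False
    out["dc1 down"] = client_resolve(web, [dc, external])
    dc.reachable = True
    # Zone plus host A record created on the internal server.
    dc.records[web] = "203.0.113.25"
    out["A record added on dc1"] = client_resolve(web, [dc, external])
    return out

if __name__ == "__main__":
    for label, result in scenarios().items():
        print(f"{label}: {result}")
```
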

 
GGMU (Author) commented:
Hi,
I already have a secondary DC with a DNS entry. This secondary DC replicates with my primary DC.
I can add a third DNS entry on my DHCP server, but does that mean the client PC will attempt to resolve the hostname from the 1st DNS entry and, if it fails, try the 2nd entry and thereafter try resolving via the 3rd DNS entry? Or would it attempt a connection to the 1st DNS entry and, if it cannot resolve, send a reply indicating that it could not find the host? Thanks

GGMU (Author) commented:
Hi,
Reckon you are right. What I basically need is for my internal DNS server to communicate with an external DNS server to resolve addresses not present in my DNS server. When client PCs attempt to access an external address, we want the DNS entry to be forwarded to the respective external DNS server to resolve the hostname.

What other alternatives are there? Thanks a lot.
 
GGMU (Author) commented:
Issue was only partially resolved

Question has a verified solution.