Solved

Windows DNS Issue

Posted on 2012-03-15
8
302 Views
Last Modified: 2012-03-19
hi, I have a client with Windows 2003 AD network and their domain name is called domain.com
right now their mobile phones connect to Exchange server via A record pointer to a external FQDN name of Exchange server tha thappens to be something like mail.theirmaidomain.com
Please note that their AD domain name is different then their email\website domain name. So when phones ore on corporate Wifi they are trying to connect to external IP. I would lke to create a record in internal DNS server (located on Win2003 DC) so they go directly to internal IP. Something like mail.theirmaidomain.com pointing to internal IP instead of external IP.
Any time I create an A record or Cname it only allows me to create host.domain.com record - part of Fuly Qualified domain record. How do I go around it, similar to host file. Host file works only for one computer, I need to enforce this host record for all devices on the network.
0
Comment
Question by:mavrukin
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 2

Expert Comment

by:dipesm
ID: 37727527
create new zone instead of A record in your dns server
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37727535
Create an A record for mail.theirdomain.com.domain.com, Internal clients will append the "domain.com" DNS suffix, which will turn "mail.theirdomain.com" into "mail.theirdomain.com.domain.com", which should resolve to the internal IP.
0
 
LVL 1

Author Comment

by:mavrukin
ID: 37727543
: micropc1 - Internal clients will append the "domain.co" DNS suffix? How do you get them to do this?
0
 
LVL 1

Author Comment

by:mavrukin
ID: 37727546
dipesm - I looked at new Zone, this might cause problems, as theirdomain.com is their real domain. they will not be able to open their website, not sure what esle. I would have to create bunch of records in DNS. Potential problems.
0
Swamped with email signature updates?

Have you been given a load of changes to make to your users’ email signatures? Having to manually implement multiple signatures for every department? Let Exclaimer save you from being swamped with email signature updates!

 
LVL 7

Expert Comment

by:micropc1
ID: 37727587
Depending on your setup you may need to deploy this setting via a group policy object. You can set it on an individual PC by going to Control Panel -> Network Connections -> Local Area Connection Properties -> IPv4 Properties -> Advanced -> DNS and checking the box that says 'Append these DNS Suffixes' and adding your DNS suffixes to the search order list.

Follow these instructions to configure a GPO with these settings... http://www.techrepublic.com/blog/datacenter/manage-dns-suffix-configuration-through-group-policy/2665
0
 
LVL 10

Expert Comment

by:172pilotSteve
ID: 37729453
I agree with the original concept of creating a new zone with the name of the external domain, and then creating an A record that points to the INTERNAL address of the desired host.  You're exactly right that you're going to have to pretty much duplicate everything that's in the externally facing DNS zone so that they can get to it internally, but that is a very common thing to do - Having different dns "views" from inside and outside...

The best way to do this quickly and easily, is to create your new zone file as a SECONDARY, pointing at the external DNS server as it's primary..  You'll have to have the public facing DNS server configured to allow zone transfers to you, but what you'll end up with is a copy of everything in the external zone, then you can just change the IP address of ONLY the A records that you need to point to internal addresses.  All the rest of the addresses will point to the same thing that the outside server has...
0
 
LVL 10

Accepted Solution

by:
172pilotSteve earned 500 total points
ID: 37729512
AHH....  one other thing you COULD try..  Wish I had thought of this before...  


Just tried it and it works GREAT...

Create a new zone, named for the whole hostname you're trying to override, for example, mail.theirdomain.com, then inside that domain, create a new "A" record with no host name, pointing to the internal address.  it will show up as hostname "Same as parent folder".  Then, it will override ONLY for that host (or subdomains of the host, so) but it will still go to the external server for the rest of the "theirdomain.com" domain.

I just tested by making a zone called "qqq.google.com" and created a host record pointing to 1.1.1.1 and if I ping "qqq.google.com" I get 1.1.1.1 while if I ping www.google.com, it still goes to the normal google site..

That should work GREAT for you, and is an easy solution for a one-off situation where you dont want to recreate a whole zone...

If there's a LOT of hosts you need to redirect, you'd still be better off creating the whole zone, otherwise there's just too much to manage.

Good luck!

-Steve
0
 
LVL 1

Author Closing Comment

by:mavrukin
ID: 37739592
Thank you, great solution. Just what I needed. This way I don't have to deal with Zone record recreation.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now