Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows DNS Issue

Posted on 2012-03-15
8
Medium Priority
?
309 Views
Last Modified: 2012-03-19
hi, I have a client with Windows 2003 AD network and their domain name is called domain.com
right now their mobile phones connect to Exchange server via A record pointer to a external FQDN name of Exchange server tha thappens to be something like mail.theirmaidomain.com
Please note that their AD domain name is different then their email\website domain name. So when phones ore on corporate Wifi they are trying to connect to external IP. I would lke to create a record in internal DNS server (located on Win2003 DC) so they go directly to internal IP. Something like mail.theirmaidomain.com pointing to internal IP instead of external IP.
Any time I create an A record or Cname it only allows me to create host.domain.com record - part of Fuly Qualified domain record. How do I go around it, similar to host file. Host file works only for one computer, I need to enforce this host record for all devices on the network.
0
Comment
Question by:mavrukin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 2

Expert Comment

by:dipesm
ID: 37727527
create new zone instead of A record in your dns server
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37727535
Create an A record for mail.theirdomain.com.domain.com, Internal clients will append the "domain.com" DNS suffix, which will turn "mail.theirdomain.com" into "mail.theirdomain.com.domain.com", which should resolve to the internal IP.
0
 
LVL 1

Author Comment

by:mavrukin
ID: 37727543
: micropc1 - Internal clients will append the "domain.co" DNS suffix? How do you get them to do this?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 1

Author Comment

by:mavrukin
ID: 37727546
dipesm - I looked at new Zone, this might cause problems, as theirdomain.com is their real domain. they will not be able to open their website, not sure what esle. I would have to create bunch of records in DNS. Potential problems.
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37727587
Depending on your setup you may need to deploy this setting via a group policy object. You can set it on an individual PC by going to Control Panel -> Network Connections -> Local Area Connection Properties -> IPv4 Properties -> Advanced -> DNS and checking the box that says 'Append these DNS Suffixes' and adding your DNS suffixes to the search order list.

Follow these instructions to configure a GPO with these settings... http://www.techrepublic.com/blog/datacenter/manage-dns-suffix-configuration-through-group-policy/2665
0
 
LVL 10

Expert Comment

by:172pilotSteve
ID: 37729453
I agree with the original concept of creating a new zone with the name of the external domain, and then creating an A record that points to the INTERNAL address of the desired host.  You're exactly right that you're going to have to pretty much duplicate everything that's in the externally facing DNS zone so that they can get to it internally, but that is a very common thing to do - Having different dns "views" from inside and outside...

The best way to do this quickly and easily, is to create your new zone file as a SECONDARY, pointing at the external DNS server as it's primary..  You'll have to have the public facing DNS server configured to allow zone transfers to you, but what you'll end up with is a copy of everything in the external zone, then you can just change the IP address of ONLY the A records that you need to point to internal addresses.  All the rest of the addresses will point to the same thing that the outside server has...
0
 
LVL 10

Accepted Solution

by:
172pilotSteve earned 2000 total points
ID: 37729512
AHH....  one other thing you COULD try..  Wish I had thought of this before...  


Just tried it and it works GREAT...

Create a new zone, named for the whole hostname you're trying to override, for example, mail.theirdomain.com, then inside that domain, create a new "A" record with no host name, pointing to the internal address.  it will show up as hostname "Same as parent folder".  Then, it will override ONLY for that host (or subdomains of the host, so) but it will still go to the external server for the rest of the "theirdomain.com" domain.

I just tested by making a zone called "qqq.google.com" and created a host record pointing to 1.1.1.1 and if I ping "qqq.google.com" I get 1.1.1.1 while if I ping www.google.com, it still goes to the normal google site..

That should work GREAT for you, and is an easy solution for a one-off situation where you dont want to recreate a whole zone...

If there's a LOT of hosts you need to redirect, you'd still be better off creating the whole zone, otherwise there's just too much to manage.

Good luck!

-Steve
0
 
LVL 1

Author Closing Comment

by:mavrukin
ID: 37739592
Thank you, great solution. Just what I needed. This way I don't have to deal with Zone record recreation.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question