Solved

Windows DNS Issue

Posted on 2012-03-15
8
304 Views
Last Modified: 2012-03-19
hi, I have a client with Windows 2003 AD network and their domain name is called domain.com
right now their mobile phones connect to Exchange server via A record pointer to a external FQDN name of Exchange server tha thappens to be something like mail.theirmaidomain.com
Please note that their AD domain name is different then their email\website domain name. So when phones ore on corporate Wifi they are trying to connect to external IP. I would lke to create a record in internal DNS server (located on Win2003 DC) so they go directly to internal IP. Something like mail.theirmaidomain.com pointing to internal IP instead of external IP.
Any time I create an A record or Cname it only allows me to create host.domain.com record - part of Fuly Qualified domain record. How do I go around it, similar to host file. Host file works only for one computer, I need to enforce this host record for all devices on the network.
0
Comment
Question by:mavrukin
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 2

Expert Comment

by:dipesm
ID: 37727527
create new zone instead of A record in your dns server
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37727535
Create an A record for mail.theirdomain.com.domain.com, Internal clients will append the "domain.com" DNS suffix, which will turn "mail.theirdomain.com" into "mail.theirdomain.com.domain.com", which should resolve to the internal IP.
0
 
LVL 1

Author Comment

by:mavrukin
ID: 37727543
: micropc1 - Internal clients will append the "domain.co" DNS suffix? How do you get them to do this?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:mavrukin
ID: 37727546
dipesm - I looked at new Zone, this might cause problems, as theirdomain.com is their real domain. they will not be able to open their website, not sure what esle. I would have to create bunch of records in DNS. Potential problems.
0
 
LVL 7

Expert Comment

by:micropc1
ID: 37727587
Depending on your setup you may need to deploy this setting via a group policy object. You can set it on an individual PC by going to Control Panel -> Network Connections -> Local Area Connection Properties -> IPv4 Properties -> Advanced -> DNS and checking the box that says 'Append these DNS Suffixes' and adding your DNS suffixes to the search order list.

Follow these instructions to configure a GPO with these settings... http://www.techrepublic.com/blog/datacenter/manage-dns-suffix-configuration-through-group-policy/2665
0
 
LVL 10

Expert Comment

by:172pilotSteve
ID: 37729453
I agree with the original concept of creating a new zone with the name of the external domain, and then creating an A record that points to the INTERNAL address of the desired host.  You're exactly right that you're going to have to pretty much duplicate everything that's in the externally facing DNS zone so that they can get to it internally, but that is a very common thing to do - Having different dns "views" from inside and outside...

The best way to do this quickly and easily, is to create your new zone file as a SECONDARY, pointing at the external DNS server as it's primary..  You'll have to have the public facing DNS server configured to allow zone transfers to you, but what you'll end up with is a copy of everything in the external zone, then you can just change the IP address of ONLY the A records that you need to point to internal addresses.  All the rest of the addresses will point to the same thing that the outside server has...
0
 
LVL 10

Accepted Solution

by:
172pilotSteve earned 500 total points
ID: 37729512
AHH....  one other thing you COULD try..  Wish I had thought of this before...  


Just tried it and it works GREAT...

Create a new zone, named for the whole hostname you're trying to override, for example, mail.theirdomain.com, then inside that domain, create a new "A" record with no host name, pointing to the internal address.  it will show up as hostname "Same as parent folder".  Then, it will override ONLY for that host (or subdomains of the host, so) but it will still go to the external server for the rest of the "theirdomain.com" domain.

I just tested by making a zone called "qqq.google.com" and created a host record pointing to 1.1.1.1 and if I ping "qqq.google.com" I get 1.1.1.1 while if I ping www.google.com, it still goes to the normal google site..

That should work GREAT for you, and is an easy solution for a one-off situation where you dont want to recreate a whole zone...

If there's a LOT of hosts you need to redirect, you'd still be better off creating the whole zone, otherwise there's just too much to manage.

Good luck!

-Steve
0
 
LVL 1

Author Closing Comment

by:mavrukin
ID: 37739592
Thank you, great solution. Just what I needed. This way I don't have to deal with Zone record recreation.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
changing harddisk on computer in corporate 10 67
How to set IPSec under Server 2008 R2 and Server 2012 R2 3 42
powershell script 9 62
Separate DNS forwarding 2 16
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question