irc-corp

Configuring DNS for deploying Read Only Domain Controllers in data centre sites

In order to allow our servers in the data centre to authenticate through the domain, I intend to install an RODC with the primary DC in the office, so they will be connected over VPN. This is to do away with the time-consuming process of changing passwords manually.

We have three VLANs configured on the switch: one management, one for the webservers and one internal network (database servers).

The question relates to DNS.

How can I configure the servers to point at both the RODC for the AD authentication and externally for web access?

The management and internal VLANs cannot have internet access.

Reading up on this, I think I'm right in saying that we will need a split-brain DNS setup. Have I understood correctly?
SOLUTION
arnold

irc-corp

ASKER

Only the webservers need to be able to resolve externally and they currently do.

How can I configure the webservers so that they are resolving both externally and internally without the DC/DNS exposing the other VLANs (internal and management) to the internet?

It will be a .local domain - currently this isn't configured.