• Status: Solved
  • Priority: Medium
  • Security: Public

NSLookup is returning the FQDN of my domain controllers

I set up a new zone of a web site. I specified 2 name servers: ns1.[INTERNET_DOMAIN_NAME].com and ns2.[INTERNET_DOMAIN_NAME].com.

When I run NSLookup against either name server, it shows those two FQDNs, but it also returns the FQDN of both of my domain controllers. There are only 2 NS records in the zone. Why would it be returning 4 records and exposing that information publicly, and how can I prevent that?

Thx so much,
Dave
0
SQLDave
 
Nagendra Pratap Singh Commented:
Is it possible to upload the output with actual details masked?
0
 
SQLDave (Author) Commented:
I'm not sure how useful that would be, but I did; here are the results of just looking up Google.
NSLookup for google
The only difference in my scenario is that along with the 2 public NS records, it is also publishing my domain controllers complete with FQDN and their internal IP addresses.
0
 
SQLDave (Author) Commented:
It might help to add that if I create another new zone and don't add any NS records, it will still return 2 servers (my domain controllers and their internal IPs).
0
 
balmasri Commented:
1- Do you perform the query from a workstation that is joined to the domain?
2- Is your query performed using the organization's internet connectivity (from inside) or from outside (public connectivity)?
0
 
Nagendra Pratap Singh Commented:
Outside PCs cannot connect to your DNS, so it is all OK.
0
 
SQLDave (Author) Commented:
This DNS is for public consumption and the same information was definitely public, as it showed up using this tool as well.

http://network-tools.com/default.asp?prog=dnsrec&host=google.com
0
 
Henrik Johansson, Systems engineer, Commented:
Are you using the same domain for public and internal namespace?
If so, you need to split the zone to have the external zone on a separate DNS server and the internal zone on internal DNS/DC.
Do not store the external DNS zone as an AD integrated zone on internal DCs.
0
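The symptom discussed in this thread can be checked from saved lookup output. The following is an added example, not part of the original thread: it scans the text of an `nslookup -type=ns` run and reports name servers outside the intended set and RFC 1918 addresses in the answer. It assumes the record line format printed by Windows nslookup; the zone, host names and addresses are constructed placeholders.

```python
import ipaddress
import re

# RFC 1918 only: ipaddress.is_private would also match 203.0.113.0/24 (docs).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RECORD_RE = re.compile(r"^(\S+)\s+(nameserver|internet address) = (\S+)$")


def norm(name):
    return name.lower().rstrip(".")


def audit_ns_output(text, zone, expected_ns):
    """Return sorted (host, reason) findings for one zone's NS lookup output."""
    expected = {norm(n) for n in expected_ns}
    findings = set()
    for line in text.splitlines():
        m = RECORD_RE.match(line.strip())
        if not m:
            continue  # header or blank line
        owner, kind, value = norm(m.group(1)), m.group(2), m.group(3)
        if kind == "nameserver":
            if owner == norm(zone) and norm(value) not in expected:
                findings.add((norm(value), "unexpected NS record"))
            continue
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            continue  # malformed address field
        if addr.version == 4 and any(addr in net for net in RFC1918):
            findings.add((owner, f"internal address {addr}"))
    return sorted(findings)


# Constructed sample output; every name and address is a placeholder.
EXPECTED = ["ns1.example.com", "ns2.example.com"]
SAMPLE = """\
Server:  resolver.example.net
Address:  198.51.100.53
example.com\tnameserver = ns1.example.com
example.com\tnameserver = ns2.example.com
example.com\tnameserver = dc01.corp.example.local
ns1.example.com\tinternet address = 203.0.113.10
dc01.corp.example.local\tinternet address = 10.0.0.5
"""

if __name__ == "__main__":
    print(audit_ns_output(SAMPLE, "example.com", EXPECTED))
```

Run the lookup from a host outside the network so the output reflects what public resolvers see.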
 
SQLDave (Author) Commented:
It is not the same domain, but it is the same server.

So I should set up 2 separate DNS servers to service external DNS and make sure they are not AD integrated?
0
 
Nagendra Pratap Singh Commented:
You should be able to use a forwarder for the external domains.
0
 
Seth Simmons, Sr. Systems Administrator, Commented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0