SQLDave
asked on
NSLookup is returning the FQDN of my domain controllers
I set up a new zone of a web site. I specified 2 names servers: ns1.[INTERNET_DOMAIN_NAME]
When I run NSLookup against either name server, it shows those to FQDNs but it also returns the FQDN of both of my domain controllers. There are only 2 NS records in the zone. Why would it be returning 4 records and exposing that information publicly and how can I prevent that?
Thx so much,
Dave
When I run NSLookup against either name server, it shows those to FQDNs but it also returns the FQDN of both of my domain controllers. There are only 2 NS records in the zone. Why would it be returning 4 records and exposing that information publicly and how can I prevent that?
Thx so much,
Dave
Nagendra Pratap Singh
Is it possible to upload the output with actual details masked?
ASKER
I'm not sure how useful that would be, but I did here is the results of just looking up google
The only difference in my scenario is that along with the 2 public NS records, it is also publishing my domain controllers complete with FQDN and their internal IP addresses.
The only difference in my scenario is that along with the 2 public NS records, it is also publishing my domain controllers complete with FQDN and their internal IP addresses.
ASKER
It might help to add that if I create another new zone and don't add any NS records, it will still return 2 servers ( my domain controllers and their internal IPs ).
1-Do you perform the query from a workstation that joined to the domain ?
2-Is your query performed using the organization's internet connectivity ( from inside) or from outside ( public connectivity )?
2-Is your query performed using the organization's internet connectivity ( from inside) or from outside ( public connectivity )?
outside PCs cannot connect to your DNS so it is all OK.
ASKER
This DNS is for public consumption and the same information was definately public as it showed up using this tool as well.
http://network-tools.com/default.asp?prog=dnsrec&host=google.com
http://network-tools.com/default.asp?prog=dnsrec&host=google.com
Are you using same domain for public and internal namespacr?
If so, you nead to split the zone to have external zone on separate DNS server and the internal zone on internal DNS/DC.
Do not store external DNS zone as AD integrated zone on internal DCs
If so, you nead to split the zone to have external zone on separate DNS server and the internal zone on internal DNS/DC.
Do not store external DNS zone as AD integrated zone on internal DCs
ASKER
It is not the same domain, but it is the same server.
So I should set up 2 seperate DNS servers to service external DNS and make sure they are not AD integrated?
So I should set up 2 seperate DNS servers to service external DNS and make sure they are not AD integrated?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.