Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies. Only from Platform Scholar.
Solved
internal and external same domain name web site display problems
Posted on 2013-06-13
Hello all,
we have small office with active directory, dns and exchange server 2003 on single server. internal and external domain names are the same "mydomain.com". I have setup static host a record in internal dns server: mydomain.com forward lookup zone with "www" name so users could access company website hosted externally. this host a record points to external ip address of mycompany.com internet website. everything worked good for long until internet website reconstruction. website is developed under adobe flash. when users try to navigate www.mycompany.com it displays background color of the website with 0% (or 100% on some machines, or browsers) and do not load contents.
I tried to clear browsers cache, adobe flash player cache. cleared cache on local dns server, restarted dns service, but issue not resolved. it i manually change dns server ip address from internal dns server to external, then everything works. something wrong with internal dns server, though the iP address of the external website haven't changed.
pls, help, how can i resolve this problem.
we have small office with active directory, dns and exchange server 2003 on single server. internal and external domain names are the same "mydomain.com". I have setup static host a record in internal dns server: mydomain.com forward lookup zone with "www" name so users could access company website hosted externally. this host a record points to external ip address of mycompany.com internet website. everything worked good for long until internet website reconstruction. website is developed under adobe flash. when users try to navigate www.mycompany.com it displays background color of the website with 0% (or 100% on some machines, or browsers) and do not load contents.
I tried to clear browsers cache, adobe flash player cache. cleared cache on local dns server, restarted dns service, but issue not resolved. it i manually change dns server ip address from internal dns server to external, then everything works. something wrong with internal dns server, though the iP address of the external website haven't changed.
pls, help, how can i resolve this problem.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
2
- +1
5 Comments
same on the domain controller itself. screen attached
SiteLoadProblem.png
SiteLoadProblem.png
Active today
My guess would be that it is a problem with the website design, not a problem with the internal DNS. For instance if some of the URLs in the HTML or flash code reference "domain.com" instead of "www.domain.com". Or perhaps there is a reference to some other name like "images.domain.com" for which you haven't created an A record on your internal DNS to point to the external IP.
Active today
I agree with footech. It's likely that something within the site's code references either domain.com (with no explicit hostname) or a hostname.domain.com FQDN that has no corresponding record in your internal DNS server.
If it's the latter, the fix is simple enough: create the necessary host record(s) on your server. (You may need to contact the site developer or run a packet trace to determine what FQDNs are being referenced.) Unfortunately, in my experience, the former is more likely, as referencing a site as domain.com rather than www.domain.com seems to be the hip thing among website designers nowadays, for reasons I'm sure someone thinks are valid.
If this is what's going on, you're in a bit of a fix. Creating a blank host record on your DNS server and pointing it to the website's IP address is a bad idea; it will fix the website issue, but it may cause issues with AD, which uses blank host records for DC location. Honestly, the best solution would be to contact the site developer and get them to change all references in the code to www.domain.com.
The root of the problem is that your internal and external domains have the same name. If the site developer won't change the site code, your alternative is to rename your AD domain. This is possible, but it can be a daunting task.
If it's the latter, the fix is simple enough: create the necessary host record(s) on your server. (You may need to contact the site developer or run a packet trace to determine what FQDNs are being referenced.) Unfortunately, in my experience, the former is more likely, as referencing a site as domain.com rather than www.domain.com seems to be the hip thing among website designers nowadays, for reasons I'm sure someone thinks are valid.
If this is what's going on, you're in a bit of a fix. Creating a blank host record on your DNS server and pointing it to the website's IP address is a bad idea; it will fix the website issue, but it may cause issues with AD, which uses blank host records for DC location. Honestly, the best solution would be to contact the site developer and get them to change all references in the code to www.domain.com.
The root of the problem is that your internal and external domains have the same name. If the site developer won't change the site code, your alternative is to rename your AD domain. This is possible, but it can be a daunting task.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A hard and fast method for reducing Active Directory Administrators members.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Attackers love to prey on accounts that have privileges.
Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month5 days, 11 hours left to enroll
664 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.