humphrey06
asked on
Adding first Windows 2012 DC to existing domain using internal domain name same as public domain name
Current domain in Windows 2003. The internal domain name is xx.com (xx=their public domain name). There are approx 50 computers on the domain.
I know for creating new internal domain names, it is not recommended to use the public domain name (this was setup many years ago before this was known to be a future issue).
I am not sure if I should just ignore the "delegation for this dns server cannot be created" message and continue using the public domain name as the internal domain name (has never been a problem) or should I change the internal name from xx.com to sub.xx.com which I know is recommended by Microsoft. Trying to avoid this path due to the obvious disruption and the amount of work involved.
I know for creating new internal domain names, it is not recommended to use the public domain name (this was setup many years ago before this was known to be a future issue).
I am not sure if I should just ignore the "delegation for this dns server cannot be created" message and continue using the public domain name as the internal domain name (has never been a problem) or should I change the internal name from xx.com to sub.xx.com which I know is recommended by Microsoft. Trying to avoid this path due to the obvious disruption and the amount of work involved.
ASKER
Thanks for your comments.
I typically setup split DNS when installing new Exchange Servers where the internal and external domain names are different (e.g. domain.local versus domain.com) in order to make the certificates and autodiscover records, etc work.
However, since both internal and external are both named domain.com, for this particular site, I have been using only the local zone, domain.com, and manually adding the www.domain.com host record to point to the external website while all other records are pointing to the servers and various workstations internally - all within the same zone on our internal DNS servers.
I'm not sure how the split DNS would be setup in this case.
Please clarify. Thanks!
I typically setup split DNS when installing new Exchange Servers where the internal and external domain names are different (e.g. domain.local versus domain.com) in order to make the certificates and autodiscover records, etc work.
However, since both internal and external are both named domain.com, for this particular site, I have been using only the local zone, domain.com, and manually adding the www.domain.com host record to point to the external website while all other records are pointing to the servers and various workstations internally - all within the same zone on our internal DNS servers.
I'm not sure how the split DNS would be setup in this case.
Please clarify. Thanks!
ASKER
One more note that may be important. We do not publish our DNS servers to the Internet. Our primary domain.com zone is hosted externally by our ISP. Also, our website is being hosted externally.
This is the reason that I added the www record to our internal DNS servers so that the internal computers within the network could access the website properly.
This is the reason that I added the www record to our internal DNS servers so that the internal computers within the network could access the website properly.
who holds your external dns records for your www. address?
can you access and change your external dns records?
can you access and change your external dns records?
ASKER
Our ISP. I can change them.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes. we are doing that. for example, mail.domain.com and autodiscover.domain.com are pointing to the public IP of our network while www.domain.com is pointing to the external site hosting the website. I was under the impression that you were I suggesting that I setup a split DNS within our on DNS servers.
Sounds like we are OK then. Correct?
Sounds like we are OK then. Correct?
yes - works perfectly
ASKER
Thanks for all your help!
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for humphrey06's comment #a39473016
for the following reason:
Very timely and appreciated answering questions.
Accepted answer: 0 points for humphrey06's comment #a39473016
for the following reason:
Very timely and appreciated answering questions.
Thanks for all your help! - but no points???
Hopefully just a clicking mistake :)
ASKER
it was. I thought it would assign you all of the points automatically! How do assign the points?
You have choose the best anwser (post) and mark it as accepted.
ASKER
Thought I did that. Will try again.
you will have to create a split dns though - so your internal dns servers point to internal ip addresses and your external dns server advertisers (like account with fasthosts.co.uk which is free of charge and you can modify your external dns as you like) point to your external ip addresses (you should get few static ips from your isp) which is then - using your firewall or router NAT policy- transcived to your internal ip addresses.
http://www.isaserver.org/articles-tutorials/installation-planning/You_Need_to_Create_a_Split_DNS.html