jsctechy asked:

third party message archiving application, change multiple DNS entries to multiple domains (yahoo, msn, google, etc)

Hello! I am currently using a 3rd party email archiving company to archive messages from my company domain.
It's archiving all my instant messages from Yahoo, MSN, Gmail, etc.
Currently, in our Active Directory DNS servers, we have zones for each unique domain (*.yahoo.com, *.oscar.aol.com, etc.).
There are A LOT of zones... possibly 30.
We need to point the DNS of the hostnames we were provided to our 3rd party proxy servers, so when the users log in to their instant messaging applications, it logs them into the 3rd party servers, which allow us to archive the messages.
In the event that the 3rd party servers are down and we can't log in to them, we need to implement a solution that will allow us to direct the users to the real/original IP addresses of the hostnames they are trying to contact at Yahoo, MSN, etc.
Currently, we have a file with all the DNS records that we are going to add to the users' HOSTS file in Windows, but this will take quite a bit of time.

I'm wondering if there is a better solution that will allow us to change the IP addresses of the DNS entries on the DNS server to use the actual addresses, possibly by using the DNS servers from our ISP (which is what all other requests use if there is no zone in Active Directory).
As you can imagine, changing the hosts file for 400 users might take some time!
Chris Dent

Monitor the service. In the event of an outage, delete the zones and records. The real versions of those will now be used.

If the system returns to service, put the zones and records back. Clients will reconnect via that service. This does depend a little on how the clients and the service work, along with any TTL values for those public records.

That is almost certainly easier to script and control than anything to do with hosts files. Especially considering that you'd have to purge the hosts files once it returns to service.

Chris
jsctechy (ASKER)

Instead of deleting the zone, would I be able to PAUSE the zone?

Chris Dent

Hmm, perhaps. It's a good thought; you'd have to try it and see. If the server still considers itself to be authoritative, it won't forward or iteratively resolve the request.

Perhaps spawn a new zone to test it? You could use my web-site domain for the test. Create a Forward Lookup Zone called "indented.co.uk", verify you cannot resolve www.indented.co.uk. Pause the zone then try again.

If it doesn't immediately resolve try clearing the cache first (dnscmd /ClearCache). If it still fails while Paused the method isn't going to help.

Chris
jsctechy (ASKER)

Yeah, I did exactly what you said for another website.
I wasn't able to resolve to the website once I paused the zone.
There are about 40 zones that I would need to add in the event I deleted them. Is there any way to export the ones I have now, and then easily import 40 zones once I delete them, in the event I needed to?

Chris Dent

dnscmd has a ZoneExport option:

dnscmd /ZoneExport thezone.com thezone.com.dns

That "should" take the zone and drop it to a file in C:\Windows\System32\DNS on your DNS server.

You should be able to re-add those using:

dnscmd /ZoneAdd thezone.com /Primary /file thezone.com.dns /load

It may need an additional change to AD integrated as a final step if you use that:

dnscmd /ZoneResetType thezone.com /DsPrimary /OverWrite_Ds

I imagine that lot will need tweaking and a good amount of testing, but it "should" work.

Chris
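
The export, delete and re-add steps discussed in this thread, combined into one PowerShell script as an added example that is not part of any post above. It assumes an elevated session on the DNS server, AD-integrated zones, and a hypothetical zones.txt with one zone name per line; the /ZoneDelete call with /DsDel and /f does not appear in the thread.

```powershell
# Added example: switch the archiving-proxy zones out (fail open) and back in.
# Assumptions, not from the thread: zones.txt (hypothetical) lists one zone
# per line, zones are AD-integrated, script runs elevated on the DNS server.
param(
    [Parameter(Mandatory)][ValidateSet('Export', 'FailOpen', 'Restore')]
    [string]$Action,
    [string]$ZoneList = '.\zones.txt'
)

# dnscmd writes and reads zone files relative to this directory.
$dnsDir = Join-Path $env:SystemRoot 'System32\dns'
$zones  = Get-Content $ZoneList -ErrorAction Stop |
    ForEach-Object { $_.Trim() } | Where-Object { $_ -and $_ -notmatch '^#' }

function Invoke-DnsCmd {
    # Stop on the first failure so a half-completed switch is noticed.
    & dnscmd.exe @args | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd $($args -join ' ') failed with exit code $LASTEXITCODE"
    }
}

foreach ($zone in $zones) {
    $file = "$zone.dns"
    $path = Join-Path $dnsDir $file
    switch ($Action) {
        'Export' {
            # An existing file of the same name makes /ZoneExport fail.
            Remove-Item $path -ErrorAction SilentlyContinue
            Invoke-DnsCmd /ZoneExport $zone $file
        }
        'FailOpen' {
            # Never delete a zone that has no export to restore from.
            if (-not (Test-Path $path)) { throw "No export for $zone; run -Action Export first" }
            Invoke-DnsCmd /ZoneDelete $zone /DsDel /f
        }
        'Restore' {
            Invoke-DnsCmd /ZoneAdd $zone /Primary /file $file /load
            Invoke-DnsCmd /ZoneResetType $zone /DsPrimary /OverWrite_Ds
        }
    }
    # One line per zone so the change can be tied to the outage record.
    Write-Output ("{0:s} {1} {2}" -f (Get-Date), $Action, $zone)
}

# Drop cached answers so the server stops handing out the previous addresses.
if ($Action -ne 'Export') { Invoke-DnsCmd /ClearCache }
```

Run the Export action on a schedule while the archiving service is healthy so the files match the live zones. Messages sent while the zones are deleted bypass the archive, so keep the FailOpen and Restore output with the outage record.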
ASKER CERTIFIED SOLUTION
Leon Fester