Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

New DNS server blocking website with same address name as domain

Posted on 2013-12-17
9
371 Views
Last Modified: 2013-12-21
Hoping someone can help.  

I just recently took SBS2012 off the network.  I replaced with Server2008 and made a domain forest of vidaliaga.com.

I then added a domain controller child to the network that housed the AD and called it hall.vidaliaga.com  Everything is trucking along...except....

Now, no one can access the website www.vidaliaga.com or thier pop 3.com email addresses.  Is it because the DNS server has the same name?  Do I need to add a rule, forwarder, etc.?

Any help whatsoever is appreciated!
0
Comment
Question by:carolinasgirl28
  • 4
  • 4
9 Comments
 
LVL 10

Expert Comment

by:George Khairallah
ID: 39724334
0
 

Author Comment

by:carolinasgirl28
ID: 39724438
I should have mentioned that I am not hosting our domain.  The website and email addresses are hosted by a third party.  It may be that the fact they cannot access the .com address or .com emails have nothing to do with the fact that I named our forest with the same .com   Does this still apply?
0
 
LVL 6

Expert Comment

by:smithandandersen
ID: 39724452
mistake #1 was creating a routable domain. your internal domain should be .int or local or even .bob if you like
Add a www record in your dns for your website and a mx record for your mail server
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 10

Expert Comment

by:George Khairallah
ID: 39724509
As smithandandersen mentioned, best practice usually is to create a .local or similar domain, which is not the same as your public domain.
If you are still in the beginning stages of this, consider changing that.

And yes, you are correct regarding the reason they're not able to get to the outside addresses. Again, adding a www record, and an mx record pointing to the outside addresses will help with this situation.  Currently all DNS requests for anything that used to be on your external public domain is simply either being dropped if there is no DNS entry for it, or being resolved to an internal address which will go nowhere.

If you keep this model for your domain, you just have to remember to add the appropriate entries to point to your outside addresses.

Note that this is only for your internal DNS. This problem will only exist when clients are accessing external services from within your domain. From outside, everything will still be functional, as that would be relying on your external DNS.
0
 

Author Comment

by:carolinasgirl28
ID: 39725338
So far I have only set the one computer to be the forest and the second computer has a child domain and users set up.  No policies, etc. have been set.  

Am I too late to change it?  Would I have to rejoin all of the users back to the new domain and transfer all of thier docs and settings again?  I'd really like this network set up correctly but I know that putting the users through another profile change is also a nightmare.  The child domain computer looks like this...

dns tree  ad tree
0
 
LVL 10

Accepted Solution

by:
George Khairallah earned 500 total points
ID: 39725369
You can actually perform a domain rename operation on the domain. It's a few steps. but, by doing so, you're keeping the domain GUIDs intact, thereby, not affecting the client machine's domain memberships. You will have to reboot the machines (likely twice) for them to inherit the new domain names.

There is a detailed article to do so here:
http://www.farmahini.net/farmahini/step-by-step-guide-to-implementing-domain-rename/ 
and here:
http://blog.pluralsight.com/rename-active-directory-domain
0
 

Author Comment

by:carolinasgirl28
ID: 39725662
So in your opinion, would you rename the forest vidaliaga.com.local or vidaliaga.local ?
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 39725760
definitely vidaliaga.local that's actually best practice for internal domain names, or vidaliaga.int if you prefer.
0
 

Author Comment

by:carolinasgirl28
ID: 39728129
Thank you soooo much!  I am going to get cracking on this right away!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
2 Subnets, 2 routes, failover routing ? 3 56
Cisco IOS cempMemBufferPeak  notification SNMP 5 63
exclude a user from a deny permisssion 4 57
EIGRP Bandwidth 9 21
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question