Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

New DNS server blocking website with same address name as domain

Posted on 2013-12-17
9
Medium Priority
?
389 Views
Last Modified: 2013-12-21
Hoping someone can help.  

I just recently took SBS2012 off the network.  I replaced with Server2008 and made a domain forest of vidaliaga.com.

I then added a domain controller child to the network that housed the AD and called it hall.vidaliaga.com  Everything is trucking along...except....

Now, no one can access the website www.vidaliaga.com or thier pop 3.com email addresses.  Is it because the DNS server has the same name?  Do I need to add a rule, forwarder, etc.?

Any help whatsoever is appreciated!
0
Comment
Question by:carolinasgirl28
  • 4
  • 4
9 Comments
 
LVL 10

Expert Comment

by:George Khairallah
ID: 39724334
0
 

Author Comment

by:carolinasgirl28
ID: 39724438
I should have mentioned that I am not hosting our domain.  The website and email addresses are hosted by a third party.  It may be that the fact they cannot access the .com address or .com emails have nothing to do with the fact that I named our forest with the same .com   Does this still apply?
0
 
LVL 6

Expert Comment

by:smithandandersen
ID: 39724452
mistake #1 was creating a routable domain. your internal domain should be .int or local or even .bob if you like
Add a www record in your dns for your website and a mx record for your mail server
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 10

Expert Comment

by:George Khairallah
ID: 39724509
As smithandandersen mentioned, best practice usually is to create a .local or similar domain, which is not the same as your public domain.
If you are still in the beginning stages of this, consider changing that.

And yes, you are correct regarding the reason they're not able to get to the outside addresses. Again, adding a www record, and an mx record pointing to the outside addresses will help with this situation.  Currently all DNS requests for anything that used to be on your external public domain is simply either being dropped if there is no DNS entry for it, or being resolved to an internal address which will go nowhere.

If you keep this model for your domain, you just have to remember to add the appropriate entries to point to your outside addresses.

Note that this is only for your internal DNS. This problem will only exist when clients are accessing external services from within your domain. From outside, everything will still be functional, as that would be relying on your external DNS.
0
 

Author Comment

by:carolinasgirl28
ID: 39725338
So far I have only set the one computer to be the forest and the second computer has a child domain and users set up.  No policies, etc. have been set.  

Am I too late to change it?  Would I have to rejoin all of the users back to the new domain and transfer all of thier docs and settings again?  I'd really like this network set up correctly but I know that putting the users through another profile change is also a nightmare.  The child domain computer looks like this...

dns tree  ad tree
0
 
LVL 10

Accepted Solution

by:
George Khairallah earned 2000 total points
ID: 39725369
You can actually perform a domain rename operation on the domain. It's a few steps. but, by doing so, you're keeping the domain GUIDs intact, thereby, not affecting the client machine's domain memberships. You will have to reboot the machines (likely twice) for them to inherit the new domain names.

There is a detailed article to do so here:
http://www.farmahini.net/farmahini/step-by-step-guide-to-implementing-domain-rename/ 
and here:
http://blog.pluralsight.com/rename-active-directory-domain
0
 

Author Comment

by:carolinasgirl28
ID: 39725662
So in your opinion, would you rename the forest vidaliaga.com.local or vidaliaga.local ?
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 39725760
definitely vidaliaga.local that's actually best practice for internal domain names, or vidaliaga.int if you prefer.
0
 

Author Comment

by:carolinasgirl28
ID: 39728129
Thank you soooo much!  I am going to get cracking on this right away!
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Resolve DNS query failed errors for Exchange
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question