2012 Server Domain Name / DNS issues

This site retired an old 2003 DC.  It is a small company with a single server which is AD, DNS & file server.  This server was "domain.priv".  We abandoned the domain completely, popped in a 2012 R2 box & named it as domain.org (they own the domain name, but their website, email, etc. are hosted with Network Solutions, thus if you ping domainname.org it resolves to a Network Solutions public IP).

To complicate things a bit, every machine in the building has 2 NICs.  One NIC is for the inside network (192.168.46.*) & has no gateway.  The other NIC connects them to the internet via DHCP from a Comcast router.

We joined all PCs to the new domain.  However, we are having big-time DNS issues, meaning logins take forever, GPO won't apply (cannot resolve), etc.

I am not at all great with DNS.  What are my options?  I was considering renaming the domain to domain.local using this how to:

Any help would be hugely appreciated.
Thank you.

webclickusa (Author) commented:
The internet network is a 192.168.1.* scheme.
The problem is that the computers aren't authenticating with the Domain Controller because it doesn't know where to look.

The whole two NIC thing is strange.  There should be one NIC and Internet control should be done on a firewall.

Anyhow, on the Internal NIC you'll need to give it a Default Gateway of the internal IP address of the router.  For IE:

Then you'll need to configure the DNS servers on the clients' NIC cards to point to the domain controller.  Primary DNS will be the domain controller that has DNS on it.

Then the client will know where to authenticate and what DNS to use.  Group policies will then apply upon logon.

Is the server connected to the Internet as well?  If so, point all client PCs' DNS to the server.  This will allow Active Directory to function properly and authenticate users.  In the DNS server properties, configure the forwarder to point to the Comcast modem.

In this scenario, the client PCs will ask the server for the address of Google (for example).  The server will send the request to the Comcast modem, which will in turn send it out to the Internet.

Definitely agree that the best route is to just have a single NIC on all the client machines.

You may be able to have things work as is if you make sure the NIC for the internal network is listed first in the binding order.  With any luck that would mean that DNS queries are sent out on that NIC first and properly resolved (by the internal DNS server) before any timeouts occur.

I don't think renaming your domain will fix anything.
webclickusa (Author) commented:
The 2nd NIC was pulling a DHCP from the gateway of the internet router.
The internal network has no router.

Pointing DNS on the 2nd NIC to the inside DNS server fixed the problem.
Thank you!
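
The check and fix discussed in this thread, as an added PowerShell example that is not part of the original posts: it asks every resolver configured on each connected NIC for the domain controller locator record, then points any adapter whose resolver cannot find the DC at the internal DNS server. The address 192.168.46.10 for the DC is an assumption (the thread only gives the 192.168.46.* range); run it elevated on a client.

```powershell
# Added example, not from the thread. Requires Windows 8 / Server 2012 or later.
$Domain  = 'domain.org'        # AD domain name as written in the question
$DcDns   = '192.168.46.10'     # ASSUMED address of the DC/DNS server on the inside network
$SrvName = "_ldap._tcp.dc._msdcs.$Domain"   # SRV record clients use to locate a DC

# 1. For every connected adapter, ask each configured resolver for the DC locator record.
$report = foreach ($cfg in Get-DnsClientServerAddress -AddressFamily IPv4) {
    $adapter = Get-NetAdapter -InterfaceIndex $cfg.InterfaceIndex -ErrorAction SilentlyContinue
    if (-not $adapter -or $adapter.Status -ne 'Up') { continue }   # skip loopback / unplugged NICs
    foreach ($server in $cfg.ServerAddresses) {
        $answer = Resolve-DnsName -Name $SrvName -Type SRV -Server $server `
                                  -DnsOnly -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Interface = $cfg.InterfaceAlias
            Resolver  = $server
            FindsDC   = [bool]($answer | Where-Object { $_.Type -eq 'SRV' })
        }
    }
}
$report | Format-Table -AutoSize

# 2. Repoint adapters whose resolver cannot find the DC (for example the NIC that
#    received the Comcast router as DNS via DHCP) at the internal DNS server.
$bad = $report | Where-Object { -not $_.FindsDC } |
       Select-Object -ExpandProperty Interface -Unique
foreach ($alias in $bad) {
    Set-DnsClientServerAddress -InterfaceAlias $alias -ServerAddresses $DcDns
}

# 3. Flush cached answers from the old resolver and confirm the DC is now found.
Clear-DnsClientCache
Resolve-DnsName -Name $SrvName -Type SRV -DnsOnly
```

Once every NIC uses the internal DNS server, Internet names resolve only if that server forwards external queries, as the forwarder answer above describes.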