Fix DNS entry, added www A record for domain who's website is the same and now gets www.www.domain.com when typing in

BriPC
BriPC used Ask the Experts™
on
Hello,
I have a domain who's externally hosted website is the same .com extension.. so when someone on the domain types    domain.com they get the 403 access denied error (unless you prefix w/ https:// then it goes to unsetup web iis service)
The externally hosted website is www.domain.com
I created an A record in the DNS server for www to point it to the web host ip. However, now when you type in www.domain.com from within the domain, it resolves in the address bar as www.www.domain.com  .... How can I correct this situation?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017

Commented:
unfortunately under these circumstances the issue is
1) double check the name of the zone, making sure the name of the zone is not www.domain.com
2) the issue might be on the configuration of the server that redirects...

nslookup  -debug www.yourdomain.com.
Chad FranksSenior System Engineer

Commented:
Sounds like a  redirect issue.  Is this an IIS web server?

Author

Commented:
@Chad, when you type in https://domain.com you receive an IIS7 webpage that says welcome... Don't believe it has ever been setup further..

@Arnold , I am pretty novice in DNS, extra direction is somewhat necessary...
NSlookup command ran , lots of info came back, what exactly am i looking for here?
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

Distinguished Expert 2017

Commented:
what is the record for www.domain.com? is it a CNAME or an A record?

the -debug includes information in cycles i.e. what/which server was asked, what was the response, etc.

run without the -debug.
if the response is an A record to an IP or a CNAME to domain.com.
Then your issue is with a redirect on the web server.
if you go to https://domain.com and end up at the default web site of IIS, this means you have a binding misconfiguration issue.
you need to make sure the site on IIS for domain.com and www.domain.com if they both to be accessible securely, check the binding of the default site to make sure it is not listening on port 443 ......
On the domain.com site, make sure the bindings here are using 443 on the LAN IP to which
note if you have bindings on non secure connection to use domain.com and www.domain.com in the host header of the binding to make sure IIS will route unsecure connections to http://domain.com and http://www.domain.com to this site.

the duplication is unclear to me where it is comming from at this time.

nslookup and checking the iis configuration/logs may shed light on the source of the extra references.

presumably you are using windows DNS? or the registrar DNS?

If the DNS zone you are editing is www.domain.com and you add a www record there, it translates as
www.www.domain.com

A record within a zone on the left side is prepended to the zone name in which it is added.

somesubdomain.somedomain.com
adding a www record within will mean
www.somesubdomain.somedomain.com

a hostname and a subdomain have the same format they are differentiated by their use.
A hostname does not have sub categories while a subdomain can have additional subdomain, or other records within.  It is of the type you know what it is when you see it.

Author

Commented:
@Arnold
There is
NS record of server.domain.com
SOA [4751], Server.domain.com
A record   www     pointing to webhost ip address

Ran NSLookup w/out -debug,
Server: Unknown
Address: ::1
name: www.domain.com

address: (webhost ip address)

I don't know how to check if things are binding, also we have port 443 used for OWA..

DNS is configured and hosted by the server (windows server 2008)

The DNS zone i am editing is domain.com

Trying my best to keep up with you, thank you for your patience
Distinguished Expert 2017

Commented:
Check the IIS admin console, you have. Default site and a domain.com site?
Under the domain.com site, look at bindings.

What are your goals?

Do you have one or multiple public IPs?

Do you want owa.domain.com to access your OWA.
Www.yourdomain.com and domain.com is something else.

Each site has binding..  This is how IIS can distinguish between the sites it hosts
Domain.com port 80
Www.domain.com port 80 are another pointing/telling IIS to load site1

Do you have more than one web site? Check with whether the domain.com U.S. Somehow reflected as www.www.domain.com.

I'm still unclear if you do not have a www.www record in your domain.com zone, not sure where it is coming from.

Doesthedomain registration record reflect your or a web hosts name servers?
Www.betterwhois.com list the public registration record.
I have a domain who's externally hosted website is the same .com extension.. so when someone on the domain types    domain.com they get the 403 access denied error (unless you prefix w/ https:// then it goes to unsetup web iis service)
So, domain.com resolves to your domain controller?

The externally hosted website is www.domain.com
I created an A record in the DNS server for www to point it to the web host ip. However, now when you type in www.domain.com from within the domain, it resolves in the address bar as www.www.domain.com  .... How can I correct this situation?
What browser are you using?  Have you tested with other browsers?
Many browsers can be configured to prepend "www." when they are unable to reach the requested website.

Have you verified that the website you're trying to reach can be accessed using its IP address?
Distinguished Expert 2017

Commented:
asavener highlighted something that my read of it missed.
under no circumstances alter the domain.com record in your local DNS as it is used to resolve \\domain.com\sharename.

add a www pointing to the externally hosted IP address.
Only www.domain.com will work to view your site from the inside.

you could add a redirect site on IIS when it sees a web request for domain.com to redirect to www.domain.com which your DNS will reflect as hosted at the external IP reflected on the DNS zone with your domain registrar/hosted domain DNS console/web interface.
Note should they change the IP, your internal users will start experiencing issues until you update your internal DNS to reflect the change.

This is the reason often the suggestion is to use non-public domain names for your AD domain.

Author

Commented:
@Arnold & @asavener, gonna answer as best as i can...  Going to skip over IIS as I am not using it nor am i going to at this junction...

Browser: Chrome seems to automatically append the additional www. record. This does not happen using internet explorer, it errors out as this page can't be displayed...

@asavener Domain.com resolves to my domain controller = Yes

@asavener Have you verified that the website you're trying to reach can be accessed using its IP address? yes, then points to www.domain.com  , still not accessible

@arnold add a www pointing to the externally hosted IP address.
Only www.domain.com will work to view your site from the inside.
 This is what I've done, it worked at first then a week later, no workee...

@arnold What are your goals? to be able to view website from within domain

@arnold Do you want owa.domain.com to access your OWA.
Www.yourdomain.com and domain.com is something else.
it has a different address .. mail.domain.com/owa but it works...

@arnold, no other website

@whois reflects correct info


I'm attaching all DNS records with "domain" blocked out for your review..
wix-dns.pngdns-server.png
So go to a client and run ipconfig /all.  Verify that the DNS servers listed are your internal DNS servers.

Then run ipconfig /flushdns to clear any cached entries.

Then try to ping www.domain.com.  Does it resolve to the correct address?

The external webserver isn't redirecting to domain.com or something weird?

If the ping the does not resolve to the correct address, run nslookup <dns server ip> then enter www.domain.com and see what resolves.

Author

Commented:
IPConfig /all shows our internal server for the address ..
please note: ** I have had to edit the hosts file manually on about half of the computers to reflect :
server ip server
server ip server.domain.com
server ip domain.com
otherwise, outlook says disconnected and other problems accessing domain. Here is the link to the issue that may help with more info. only a workaround was found, not actually fixed which is what i'm attempting here.....

Ping www.domain.com resolves to the right address (webhost)
nslookup points to our server ip address but in the server entry ..  server: Unknown .
entering www.domain.com reflects correct information
Looks like you're getting DNS timeouts.  If you were getting "not found" from a DNS lookup, then subsequent tries would not work as the result would be cached for 15 minutes.  Instead of "not found" you're just not getting a response.

This could indicate a performance issue (the DNS server is overwhelmed), a configuration issue, or a network issue (dropped traffic).

Can you ping your DNS server reliably?  Is there excessive jitter?  (round trip time varies a lot)  Does the ping take more than, say, 50 milliseconds?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial