Solved

Can DNS Host records be artificial after Domain merge?

Posted on 2017-10-12
Last Modified: 2017-11-01
We are merging two domains into one.  We have a library, .lib domain that will be going away, and server objects merging into the parent domain.  We want all the servers to maintain the .lib part of their name for application, web and certificate purposes.

We have the internal integrated AD DNS, and also an external DNS.  I assume on Internal - when objects are moved between domains, the .lib server will be removed and the name will end in only the primary domain.  I assume I can make .lib type Alias records for these pointing to the new name.  For instance, abc.lib.contoso.edu will become abc.contoso.edu when switching domains - and I can Alias abc.lib.contoso.edu to abc.contoso.edu.  Does that sound reasonable?

Then, on External DNS -- which is all manual -- can I just keep the abc.lib.contoso.edu with the same IP?  The 'real' server will be abc.contoso.edu -- but the IP will be the same.  Is there a need to set up a proper HOST record for abc.contoso.edu, then an Alias abc.lib.contoso.edu?  Can I just leave things exactly as they are and not worry about DNS replication, etc.?  Essentially, can I just leave the abc.lib.contoso.edu HOST record - which is accurate now - the same after migration?  Its IP will NAT to the proper server - IPs are all staying the same.  Will it matter that external HOST record is actually accurate as far as 'true' new server name?  Then there's nothing to replicate.
Question by:apsutechteam
8 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 42329970
A host record will function exactly the same as a DNS record for forward lookups. However, I believe for reverse lookups and network browsing services you need the DNS reverse lookups (to pull the name from the IP).
0
 

Author Comment

by:apsutechteam
ID: 42330040
I'm not sure what you mean -- HOST record functions exactly as DNS record.  Do you mean ALIAS record?  A HOST record is a DNS record, along with many other types.  Not sure how to interpret?

Are you saying other than Reverse  -  there isn't a difference in using ALIAS and HOST?
Thanks
0
 
LVL 38

Accepted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 1000 total points
ID: 42330079
>>I can Alias abc.lib.contoso.edu to abc.contoso.edu.  Does that sound reasonable?

Yes, that will work perfectly.

>>Will it matter that external HOST record is actually accurate as far as 'true' new server name?

No, it doesn't matter; you can keep the same external host name if that's the URL that external users will use to connect.  If you have any secured sites, this means that your SSL certificates will also match, which is good.  And if you use the same URLs internally, then the alias will point the user to the correct site.
1
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 1000 total points
ID: 42330088
P.S. As to Aaron's comment, I'm not sure what he's thinking either.  PTR records are only required for hosts; there's no such thing as a PTR record for an alias.  The alias points to the host record and if the host record has a PTR record, then that PTR is used if necessary.
0
 
LVL 20

Expert Comment

by:David Favor
ID: 42330115
Trying to guess at what you're getting at is difficult.

Best to provide an exact list of your current internal + external DNS records + likely someone can instantly answer your question.

To be clear, there is no such thing as a host record.

There are A records, which relate a random string (host or domain) to an IP address.

There are CNAME records, which alias a new random string (host or domain) to an existing random string (host or domain).

If I understand what you're asking, you'd do this like this (snippet only, not complete zone file)...

abc              IN  A      1.1.1.1
abc.lib         IN CNAME abc.contoso.edu.


Difficult to suggest correct syntax, without seeing your entire zone file.

Tip: Run the following against your final zone file to ensure you've correctly setup all your records...

named-checkzone contoso.edu your-contoso.edu-zone-file-path

0
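
A check of record content to go with the syntax check in the comment above, as an added example that is not part of the original thread: it compares a pre-migration inventory of .lib names and addresses against the post-migration records and reports any legacy name whose alias dangles or lands on a different address. The record data, the 192.0.2.x addresses and the function names are constructed for illustration; only A and CNAME records with fully qualified owner names are modelled.

```python
BEFORE = {  # constructed pre-migration inventory: legacy name -> address
    "abc.lib.contoso.edu": "192.0.2.10",
    "def.lib.contoso.edu": "192.0.2.11",
    "web.lib.contoso.edu": "192.0.2.12",
}
AFTER = """
abc.contoso.edu.      IN A     192.0.2.10
abc.lib.contoso.edu.  IN CNAME abc.contoso.edu.
def.lib.contoso.edu.  IN CNAME def.contoso.edu.  ; target record never created
web.contoso.edu.      IN A     192.0.2.99        ; address changed by mistake
web.lib.contoso.edu.  IN CNAME web.contoso.edu.
"""  # constructed post-migration records

def parse_records(text):
    """Parse 'owner [IN] TYPE value' lines into {owner: [(type, value)]}."""
    zone = {}
    for line in text.splitlines():
        words = line.split(";", 1)[0].split()  # drop ';' comments
        fields = [w.lower().rstrip(".") for w in words if w.upper() != "IN"]
        if len(fields) >= 3:
            zone.setdefault(fields[0], []).append((fields[1].upper(), fields[2]))
    return zone

def resolve(zone, name, max_chain=8):
    """Follow CNAMEs to A records; return (sorted addresses, problem or None)."""
    name = name.lower().rstrip(".")
    for _ in range(max_chain):  # bounded so a CNAME loop cannot hang the check
        records = zone.get(name)
        if not records:
            return [], f"no records for {name}"
        cnames = [v for t, v in records if t == "CNAME"]
        if not cnames:
            return sorted(v for t, v in records if t == "A"), None
        name = cnames[0]
    return [], "CNAME chain too long or looping"

def check_migration(before, zone):
    """Return {legacy name: problem} for names that no longer resolve as before."""
    findings = {}
    for name, address in before.items():
        addresses, problem = resolve(zone, name)
        if problem is None and addresses != [address]:
            problem = f"resolves to {addresses}, expected {address}"
        if problem:
            findings[name] = problem
    return findings

if __name__ == "__main__":
    for name, problem in check_migration(BEFORE, parse_records(AFTER)).items():
        print(f"{name}: {problem}")
```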
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 42330124
I thought author was referring to a record in a HOSTS file. Correct, there is technically no such thing as a host record.
0
 
LVL 20

Expert Comment

by:David Favor
ID: 42330558
Actually, posting your entire zone file will likely get you an instant answer.

Guessing about a person's zone file layout will likely prove less than useful. There are just too many variations of zone file layouts.
0
 
LVL 27

Assisted Solution

by:DrDave242
DrDave242 earned 1000 total points
ID: 42341236
>>To be clear, there is no such thing as a host record.

While that's technically true, "host record" and "A record" are commonly used interchangeably (like "alias record" and "CNAME record"), and this is almost certainly what the OP means. A quick search of EE for dns "host record" returns over 4000 results, whereas dns "address record" returns only 257 (I suppose that'll be 258 now), so I doubt that terminology will be going away any time soon.

Hypercat's answer above is correct, if I'm interpreting the question correctly. Just be aware that if you create a CNAME record named abc.lib in the contoso.edu domain in Windows DNS, it will appear as a CNAME record named abc in a folder named lib within contoso.edu (representing the lib.contoso.edu subdomain) in the DNS Manager console. If the lib folder doesn't exist already, it'll be created when you create that record.
0


Question has a verified solution.
