Re: DNS configuration on AD with server.org

From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 07/27/04


Date: Tue, 27 Jul 2004 19:09:56 -0400

In news:%23GCwKKBdEHA.3380@TK2MSFTNGP12.phx.gbl,
Mark Scott <m@rk-5c0tt@8lu3y0nd3r.c0.uk> asked for help and I offered my
suggestions below:
> I had a similar issue. You need to add A records to the 2 external
> servers under your DNS zone. Also, if you are using ISA server,
> remove your domain from the LDT.
>
> Cheers
>
> Mark
>
Hi Mark,

In any AD scenario, the ISP's DNS cannot be used for any AD members (DCs or
clients), which is what's causing the long log on times for the poster. As
Danny pointed out, only use the internal DNS.

If he has a split horizon zone, which apparently it is, (same name internal
and external), I would follow your suggestions to create records for:
mail.gmmtp.org

But I would not mess with the domain entry below, nor alter it on the
internal DNS server.
"gmmtp.org"

It can be changed and forced with a registry entry to change it to the
external website IP, but it's not recommended.

Why, you ask?
Because this is called the LdapIpAddress that all DCs register into the zone
with the IPs of each and every DC in the domain. It is used for when the
client side extensions run the GetDcList function to apply GPOs,
specifically it queries for:
\\gmmtp.org\sysvol\gmmtp.org\policies\{GUID#ofThePolicy}

DFS also uses it.

Split horizon zones are problematic with this when the client needs to get
to their domain by http://gmmtp.org. May live without it and just use
www.gmmtp.org. Both the www and the mail records need to be created, as you
indicated, with the external IP addresses on the internal DNS.

-- 
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
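
The points in the reply above can be checked mechanically. The following Python audit is an added example, not part of the original post: it verifies that the zone apex carries only the DC addresses, that www and mail exist in the internal zone, and that AD members use only internal DNS. The function name and all IP addresses and host names are constructed for illustration.

```python
import ipaddress

def audit_split_horizon(zone, records, dc_ips, internal_dns, member_resolvers,
                        required_hosts=("www", "mail")):
    """Return a list of findings; records are (owner, rtype, value), '@' = apex."""
    findings = []
    dc_ips = {ipaddress.ip_address(ip) for ip in dc_ips}
    internal_dns = {ipaddress.ip_address(ip) for ip in internal_dns}
    a_records = {}
    for owner, rtype, value in records:
        if rtype.upper() == "A":
            is_apex = owner.rstrip(".").lower() in ("@", zone.lower())
            name = "@" if is_apex else owner.lower()
            a_records.setdefault(name, set()).add(ipaddress.ip_address(value))

    # 1. Apex A records (LdapIpAddress) must be the DC addresses and nothing else,
    #    otherwise \\zone\sysvol lookups for GPOs and DFS can land on a non-DC.
    apex = a_records.get("@", set())
    for ip in sorted(apex - dc_ips):
        findings.append(f"apex {zone} points at non-DC address {ip}")
    for ip in sorted(dc_ips - apex):
        findings.append(f"DC {ip} has no apex A record in {zone}")

    # 2. Externally hosted names need explicit A records in the internal zone.
    for host in required_hosts:
        if host not in a_records:
            findings.append(f"missing A record for {host}.{zone}")

    # 3. AD members must use only the internal DNS servers, never the ISP's.
    for member, resolvers in sorted(member_resolvers.items()):
        for r in resolvers:
            if ipaddress.ip_address(r) not in internal_dns:
                findings.append(f"{member} uses non-internal resolver {r}")
    return findings

# Constructed sample: apex overridden with the external web IP, mail record
# missing, and one client also pointed at an ISP resolver.
SAMPLE_RECORDS = [
    ("@", "A", "10.0.0.10"),
    ("@", "A", "198.51.100.20"),
    ("www", "A", "198.51.100.20"),
]
SAMPLE_FINDINGS = audit_split_horizon(
    "gmmtp.org", SAMPLE_RECORDS,
    dc_ips=["10.0.0.10", "10.0.0.11"],
    internal_dns=["10.0.0.10", "10.0.0.11"],
    member_resolvers={"client1": ["10.0.0.10", "203.0.113.53"]},
)
```
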