Re: DNS resolcing externally for local machines..

From: GaryB <GaryB@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Apr 2006 10:44:02 -0700

Hi Kevin, thanx for chipping in. I removed the external DNS entries from the
DHCP scope options and flushed DNS on client & cache on DC. I can now ping
all clients via FQDN but cannot access the internet unless its via our proxy
server (LAN).

This is the new client ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : XP_LAN_IT
Primary Dns Suffix . . . . . . . : corp.OURcompany.co.uk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : corp.OURcompany
ADServer
OURcompany.co.uk
co.uk

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : LanServer
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit
Controller
Physical Address. . . . . . . . . : 00-0F-1F-E7-8A-F3
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.45.141
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.45.1
DHCP Server . . . . . . . . . . . : 192.168.45.10
DNS Servers . . . . . . . . . . . : 192.168.45.10
Primary WINS Server . . . . . . . : 192.168.45.10
Lease Obtained. . . . . . . . . . : 24 April 2006 18:21:04
Lease Expires . . . . . . . . . . : 19 January 2038 04:14:07

Does that look better without the external DNS servers? Any reason why I
wouldnt be able to access the internet directly without proxy? The gateway is
a firewall which up until I removed the entries was fine.. I have searched
DNS and cannot locate any wildcard entries, but will try to do as suggested
with the group policy. Is this common practice as I couldnt find any ms docs
on it..so far!

Thanx again
G

Yes, remove the external DNS servers, use only the internal DNS.

I suspect the problem arises from the DNS suffix search list and a Wildcard
record in the public DNS zone for companyname.co.uk. When the client appends
the suffixes it starts at corp.companyname.co.uk
Then companyname.co.uk which hits the wildcard, and resolves to your website
address.

You really need to assign a custom DNS suffix search list containing only
corp.companyname.co.uk. to prevent clients from searching the public zone.

You can do this a a group policy for XP and Win2k3 clients.

Computer Configuration
-Administrative templates
-Network
-DNS Client

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Follow-Ups:
- Re: DNS resolcing externally for local machines..
  - From: Lanwench [MVP - Exchange]
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]

References:
- Re: DNS resolcing externally for local machines..
  - From: Lanwench [MVP - Exchange]
- Re: DNS resolcing externally for local machines..
  - From: GaryB
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]

Prev by Date: Re: DNS resolcing externally for local machines..
Next by Date: Re: Errors 4000 and 9999 on secondary DNS server
Previous by thread: Re: DNS resolcing externally for local machines..
Next by thread: Re: DNS resolcing externally for local machines..
Index(es):
- Date
- Thread

Relevant Pages

Re: Clients cannot find sharepoint
... The client machines had an entry in the append DNS ... Get ipconfig/all result on SBS and client computer. ... This newsgroup only focuses on SBS technical issues. ...
(microsoft.public.windows.server.sbs)
Re: Internet Speed
... I think what we are trying to say is to use the DHCP from the SBS and NOT ... DNS and WINS point to the SBS. ... as the server IP address. ... it is recommend to configure all SBS client computers' IP and DNS ...
(microsoft.public.windows.server.sbs)
RE: Displaydns not showing all records
... I understand that the client would not display expired entries, ... there is no such a registry key to increase the DNS ...
(microsoft.public.windows.server.dns)
Re: GPO problems
... It was the ISA 2004 firewall client. ... DNS settings and network properties on the server and client computers. ... > Service of SBS is configured to be the DNS server on the problematic ...
(microsoft.public.windows.server.sbs)
Re: Multiple DCs more of a hinderance than help
... since the Exchange Server shows DC1 as the %LOGONSERVER% when I ... It would be helpful to see an ipconfig /all from a client machine, ... the client side resolver works. ... If first DNS is down, will it use the second DNS to find another DC to ...
(microsoft.public.windows.server.active_directory)