Re: DNS question - How to...

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hello Kevin.

Thanks for fast reply :)

This is what I expected to get as an answer, but it's good to get it
confirmed :)

The solution is to install IIS on the AD controllers and to make a website
there that is redirecting all port 80 traffic to the www record.

I will have to test this, as I am not sure if I want IIS on my AD
controllers...

Best Regards
Trond E. Gjelsvik-Bakke

"Kevin D. Goodknecht Sr. [MVP]" wrote:

Trond E. Gjelsvik-Bakke wrote:
Hello.

I have one question about Active Directory integrated DNS zone.

My organization want to use dns domain in their browser without www
in front. We have the following configuration.
2 external dns servers, where this is OK.
2 internal dns servers that also is Active Directory servers.
The DNS Zone is active directory integrated.
I can see that there is 2 records - (same as parent folder) pointing
to our AD servers.
What are these 2 records used for, and can it be deleted ??

These are the LDAP IP Address records and they cannot be deleted, they also
resolve the SYSVOL and NETLOGON DFS logon shares \\ADDNSDomain\SYSVOL and
\\ADDNSDomain\NETLOGON where logon scripts and GPOs are found by domain
members.

If you want to make your website available by http://ADDNSDomain create web
sites on all Domain controllers using the host header 'websitedomain'
(without the quotes) pointing the website to an empty folder, after you
create the website, go to that sites properties sheet in Internet Services
manager, Home Directory tab, select "A redirection to a URL" and enter
http://www.ADDNSDomain
Then all you need is the www record in DNS that resolves the website IP
address.


Is is possible for me to add a new DNS record in the AD integrated
zone (same as parent folder) pointing to my web server ?

No, this could direct member clients to the Web server for group policies
and logon scripts and cause 1000 events in the log.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================



.

Relevant Pages

  • Re: Traveling Users Unable to Authenticate to AD
    ... authenticate to your AD while on the NDS network and you believe that DNS is ... One question that comes to mind is what DNS server is the client machine ... domain on the us.parent.com name servers. ... > MYCO.US.PARENT.COM Active Directory, get their mapped drives, access to ...
    (microsoft.public.windows.server.active_directory)
  • Re: Event Viewer Anomoly
    ... I would also make the so called "BDC" a DNS server and use Active directory ... DNS servers as preferred DNS on the NIC itself and secondary the other. ... The File Replication Service is having trouble enabling ...
    (microsoft.public.win2000.networking)
  • Re: TCPIP Services SMTP, RBLs blocking all inbound email
    ... pointing to 'anything' (we pointed it to the website address). ... Workaround stops having random subdomain.mydomain.com from pointing to ... One Alpha running email, a second doing website, DNS resolution ... Cimco servers, with domain DNS provided by dotster. ...
    (comp.os.vms)