Mombu the Microsoft Forum

1 4th September 17:32
newtomac
External User
 
Posts: 1
Multiple Domain Question



Hi Everyone,

We recently moved to Active Directory (Win2000) DNS. The problem we are
having is we connect to three different companies over a private line,
so an internal web site will have an internal ip. We were running
Symantec Firewall with DNS and were able to enter in a host name and
domain name with the private ip address and everything worked well
(There were not any zones to deal with).
With AD DNS we need to create zones for each of these domains and
create the same internal records. The problem with this is that the AD
DNS server thinks it's the root of the other company's domain, so if a
host is not specified it will not forward the request. For example:

example.com (external domain)
insidehost.example.com A 10.10.10.1

The only host we can access is insidehost.domain1.com, all other
requests fail because they are not listed in the DNS server.

What we have done to work around this is obtain public host records
including MX records and added them to our DNS server locally. We also
added the NS records and SOA records. This enables us to send email,
but still any host not defined will fail, even with the NS and SOA
records Windows fails the query.

Is there any way around this other than what I have done? I do not have
access to the other company's internal DNS server - that is restricted
by a firewall and unfortunately is not an option to open that up. My
guess is we have to work with what we have done, but I was wondering if
there was a way around this or is there another product that will
perform name lookups and if it cannot find it locally will simply pass
it on to another name server.

Hopefully this makes sense to someone.

Thanks very much for taking the time to read this
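The behaviour described in the post above, as an added example that is not part of the original thread and is not Windows DNS code: a simplified model of a server that answers from any zone it hosts and forwards only names no hosted zone covers. The public addresses and the host-only zone layout are constructed assumptions; the `insidehost.example.com` record is the one from the post.

```python
# Simplified model of a DNS server's answer-or-forward decision (constructed
# example; not Windows DNS code). The 10.10.10.1 record comes from the post.

def find_zone(qname, zones):
    """Return the most specific hosted zone that contains qname, or None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones, forwarder):
    """Answer from a hosted zone if one covers qname; forward only otherwise."""
    qname = qname.lower().rstrip(".")
    zone = find_zone(qname, zones)
    if zone is None:
        return ("FORWARDED", forwarder(qname))
    record = zones[zone].get(qname)
    if record is None:
        # Authoritative for the zone: the server answers "no such name"
        # itself and never consults the forwarder.
        return ("NXDOMAIN", None)
    return ("AUTHORITATIVE", record)

# Constructed stand-in for the public DNS view of the partner's domain.
PUBLIC = {"www.example.com": "203.0.113.10",
          "insidehost.example.com": "203.0.113.20"}

def public_forwarder(qname):
    return PUBLIC.get(qname)

# Configuration described in the post: a whole-domain zone with one record.
WHOLE_DOMAIN = {"example.com": {"insidehost.example.com": "10.10.10.1"}}
# Assumed alternative: a zone named for the single host, record at its apex,
# so only that one name is overridden locally.
HOST_ONLY = {"insidehost.example.com": {"insidehost.example.com": "10.10.10.1"}}

if __name__ == "__main__":
    for label, zones in (("whole-domain zone", WHOLE_DOMAIN),
                         ("host-only zone", HOST_ONLY)):
        for name in ("insidehost.example.com", "www.example.com"):
            print(label, name, resolve(name, zones, public_forwarder))
```

The narrower the locally hosted zone, the fewer names the local server overrides for the partner's domain, which also limits how much of that namespace can silently drift from the real records.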

 


3 8th September 17:07
kevin d. goodknecht sr. [mvp]
External User
 
Posts: 1
Multiple Domain Question


Read inline,
In news:1168531002.084838.272960@77g2000hsv.googlegroups.com,
newtomac <dmoloney68@hotmail.com> typed:


Replied to in microsoft.public.Win2000.dns group

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================