Internal & External Name Resolution

Scenario:
Commercial Web Site (hosted offsite) = companyname.com
Internal DNS Zone = companyname.com

To resolve to Commercial web site from internal we use www host record that
points to the external IP address of the Commercial site.

Internally users want to be able to type in companyname.com instead of
www.companyname.com

Also
Web developers did not prefix links on site with www. so links do not work
internally.

Is there a solution where both www.companyname.com and companyname.com can
work internally>

TIA

"tkutil" <> wrote in message
news:1FE83325-2BC5-47D8-AE21-...
> Scenario:
> Commercial Web Site (hosted offsite) = companyname.com
> Internal DNS Zone = companyname.com
>
> To resolve to Commercial web site from internal we use www host record
> that
> points to the external IP address of the Commercial site.
>
> Internally users want to be able to type in companyname.com instead of
> www.companyname.com
>
> Also
> Web developers did not prefix links on site with www. so links do not work
> internally.
>
> Is there a solution where both www.companyname.com and companyname.com can
> work internally>
>
> TIA

Yes, how many DCs do you have? The following must be done on ALL domain
controllers. Read carefully as to why it has to be done this way.

================================================== ================================================== ==
================================================== ================================================== ==
AD domain name is the same name internal and external

Or

From inside the office, I can't get to http://domain.com, but can using
http://www.domain.com after creating an A 'www' record.

Is your internal domain name and external domain name the same? If so, it's
called a split zone. To allow your internal users to get to your external
webserver in such a scenario, simply create a "A" www record and provide the
IP address of the external web server. If your ISP uses more than one web
servers, such as a server farm, instead of an "A" record, I suggest to
create a delegation for 'www' to the public name servers. This can be done
by rt-clicking your zone, new delegation, type in www, and provide the SOA
of your public domain.

As for getting to the domain with http://domain.com (without the www in
front of it), is a little more complex because EACH domain controller
registers themselves into DNS with an IP address as:
(same as parent) A x.x.x.x

This record is actually called the LdapIpAddress. Each DC registers one for
itself. AD uses that record for a number of things, such as DC to DC
replication, Sysvol replication, GPOs and DFS. Don't mess with it please.

To get around that, on EACH DC, install IIS. In the default website
properties, directory tab, redirect it to www.domain.com.


More info and scenarios:

If the same internal and external name and website is hosted externally:
Simply adding a www host record (NOT and alias) under your internal name and
providing the external web server's IP address will be sufficient, but you
must always use 'www' in front of it. You can also delegate the www record
as explained above. The blank record, http://myweb.com is a little more
complex to make it work, as I've stated because the of the LdapIpAddress
record that appears as: "(same as parent) A x.x.x.x" is actually a record
each DC creates as part of the netlogon SRV registration process. This
cannot be changed, however to get around it, you can install IIS on EACH and
every domain controller. In the default website properties, configure a
redirect to 'www.myweb.com,' and anytime anyone enters http//myweb.com, it
will be redirected automatically.

If the same internal and external name and the public website is hosted
internally:
Create a www host record giving it the internal private IP address. Install
IIS on EACH and every domain controller. In the default website properties,
configure a redirect to 'www.myweb.com,' and anytime anyone enters
http//myweb.com, it will be redirected automatically.

If different internal and external name and website hosted externally:
Nothing to do. Internet resolution will handle everything. Configure a
forwarder for more efficient internet name resolution.
================================================== ================================================== ==
================================================== ================================================== ==



--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
Microsoft Certified Trainer


For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

"Efficiency is doing things right; effectiveness is doing the right
things." - Peter F. Drucker
http://twitter.com/acefekay

AD is actually different name. DNS hosts the AD zone of course, but there is
this legacy zone that is also the same name as the external commercial web
site. This whole problem arose when our web site was moved as well as
reprogrammed. I don't know the entire history, but people insist that they
could use the domainname.com internally and still get to the site, which I
think is impossible given our configuration. Unless there is some magic DNS
trick, I believe this problem always existed and will continue to exist until
we remove the old legacy zone which is named the same as the commercial site.
Or, train the users and the progammers to add www in front of the domain name.

"Ace Fekay [Microsoft Certified Trainer]" wrote:

> "tkutil" <> wrote in message
> news:1FE83325-2BC5-47D8-AE21-...
> > Scenario:
> > Commercial Web Site (hosted offsite) = companyname.com
> > Internal DNS Zone = companyname.com
> >
> > To resolve to Commercial web site from internal we use www host record
> > that
> > points to the external IP address of the Commercial site.
> >
> > Internally users want to be able to type in companyname.com instead of
> > www.companyname.com
> >
> > Also
> > Web developers did not prefix links on site with www. so links do not work
> > internally.
> >
> > Is there a solution where both www.companyname.com and companyname.com can
> > work internally>
> >
> > TIA
>
> Yes, how many DCs do you have? The following must be done on ALL domain
> controllers. Read carefully as to why it has to be done this way.
>
> ================================================== ================================================== ==
> ================================================== ================================================== ==
> AD domain name is the same name internal and external
>
> Or
>
> From inside the office, I can't get to http://domain.com, but can using
> http://www.domain.com after creating an A 'www' record.
>
> Is your internal domain name and external domain name the same? If so, it's
> called a split zone. To allow your internal users to get to your external
> webserver in such a scenario, simply create a "A" www record and provide the
> IP address of the external web server. If your ISP uses more than one web
> servers, such as a server farm, instead of an "A" record, I suggest to
> create a delegation for 'www' to the public name servers. This can be done
> by rt-clicking your zone, new delegation, type in www, and provide the SOA
> of your public domain.
>
> As for getting to the domain with http://domain.com (without the www in
> front of it), is a little more complex because EACH domain controller
> registers themselves into DNS with an IP address as:
> (same as parent) A x.x.x.x
>
> This record is actually called the LdapIpAddress. Each DC registers one for
> itself. AD uses that record for a number of things, such as DC to DC
> replication, Sysvol replication, GPOs and DFS. Don't mess with it please.
>
> To get around that, on EACH DC, install IIS. In the default website
> properties, directory tab, redirect it to www.domain.com.
>
>
> More info and scenarios:
>
> If the same internal and external name and website is hosted externally:
> Simply adding a www host record (NOT and alias) under your internal name and
> providing the external web server's IP address will be sufficient, but you
> must always use 'www' in front of it. You can also delegate the www record
> as explained above. The blank record, http://myweb.com is a little more
> complex to make it work, as I've stated because the of the LdapIpAddress
> record that appears as: "(same as parent) A x.x.x.x" is actually a record
> each DC creates as part of the netlogon SRV registration process. This
> cannot be changed, however to get around it, you can install IIS on EACH and
> every domain controller. In the default website properties, configure a
> redirect to 'www.myweb.com,' and anytime anyone enters http//myweb.com, it
> will be redirected automatically.
>
> If the same internal and external name and the public website is hosted
> internally:
> Create a www host record giving it the internal private IP address. Install
> IIS on EACH and every domain controller. In the default website properties,
> configure a redirect to 'www.myweb.com,' and anytime anyone enters
> http//myweb.com, it will be redirected automatically.
>
> If different internal and external name and website hosted externally:
> Nothing to do. Internet resolution will handle everything. Configure a
> forwarder for more efficient internet name resolution.
> ================================================== ================================================== ==
> ================================================== ================================================== ==
>
>
>
> --
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSA Messaging, MCT
> Microsoft Certified Trainer
>
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> "Efficiency is doing things right; effectiveness is doing the right
> things." - Peter F. Drucker
> http://twitter.com/acefekay
>
>
>

"tkutil" <> wrote in message
news:848B9797-E0B9-4560-934E-...
> AD is actually different name. DNS hosts the AD zone of course, but there
> is
> this legacy zone that is also the same name as the external commercial web
> site. This whole problem arose when our web site was moved as well as
> reprogrammed. I don't know the entire history, but people insist that they
> could use the domainname.com internally and still get to the site, which I
> think is impossible given our configuration. Unless there is some magic
> DNS
> trick, I believe this problem always existed and will continue to exist
> until
> we remove the old legacy zone which is named the same as the commercial
> site.
> Or, train the users and the progammers to add www in front of the domain
> name.

If the AD name is NOT the same as the external, then it is a simple fix.
Create a new A record, but keep the hostname box at the top blank, and give
it the external web server IP.


Ace

Thanks Ace

I found that answer in one of your other posts. I will give it a try.

http://www.microsoft.com/communities...945&sloc=en-us

"Ace Fekay [Microsoft Certified Trainer]" wrote:

> "tkutil" <> wrote in message
> news:848B9797-E0B9-4560-934E-...
> > AD is actually different name. DNS hosts the AD zone of course, but there
> > is
> > this legacy zone that is also the same name as the external commercial web
> > site. This whole problem arose when our web site was moved as well as
> > reprogrammed. I don't know the entire history, but people insist that they
> > could use the domainname.com internally and still get to the site, which I
> > think is impossible given our configuration. Unless there is some magic
> > DNS
> > trick, I believe this problem always existed and will continue to exist
> > until
> > we remove the old legacy zone which is named the same as the commercial
> > site.
> > Or, train the users and the progammers to add www in front of the domain
> > name.
>
> If the AD name is NOT the same as the external, then it is a simple fix.
> Create a new A record, but keep the hostname box at the top blank, and give
> it the external web server IP.
>
>
> Ace
>
>

"tkutil" <> wrote in message
news:3C2C6859-9361-4136-9941-...
> Thanks Ace
>
> I found that answer in one of your other posts. I will give it a try.
>
> http://www.microsoft.com/communities...945&sloc=en-us

That's great! Good to hear.

If you have any other problems, don't hesitate to post.

Cheers!

Ace

hi,
if you are able to access "www.companyname.com" and now you want to able to
access both "www.companyname.com" or "companyname.com" for your same
commercial site.
Do this exercise with your zone-------------------
xxxx.xxxx.xxxx.xxxx A WWW
companyname.com CNAME
www.companyname.com

Enjoy


"Ace Fekay [Microsoft Certified Trainer]" wrote:

> "tkutil" <> wrote in message
> news:3C2C6859-9361-4136-9941-...
> > Thanks Ace
> >
> > I found that answer in one of your other posts. I will give it a try.
> >
> > http://www.microsoft.com/communities...945&sloc=en-us
>
> That's great! Good to hear.
>
> If you have any other problems, don't hesitate to post.
>
> Cheers!
>
> Ace
>
>

"Windows Killers" <> wrote in
message news:F4A4139D-63DA-4806-8411-...
> hi,
> if you are able to access "www.companyname.com" and now you want to able
> to
> access both "www.companyname.com" or "companyname.com" for your same
> commercial site.
> Do this exercise with your zone-------------------
> xxxx.xxxx.xxxx.xxxx A WWW
> companyname.com CNAME
> www.companyname.com
>
> Enjoy

You can't do that with companyname.com or it will interfere with the
LdapIpAddress. Read my previous post explaining this important record that
AD needs.

Ace

"Windows Killers" <> wrote in
message news:F4A4139D-63DA-4806-8411-...
> hi,
> if you are able to access "www.companyname.com" and now you want to able
> to
> access both "www.companyname.com" or "companyname.com" for your same
> commercial site.
> Do this exercise with your zone-------------------
> xxxx.xxxx.xxxx.xxxx A WWW
> companyname.com CNAME
> www.companyname.com
>
> Enjoy
>

That will surely be a Windows Killer!!

:-)