add external domain mapping to local machine ?

Discussion in 'DNS Server' started by tonyb61, Mar 26, 2010.

  1. tonyb61

    tonyb61 Guest

    I'm using windows server 2003.
    For one external address say foo.bar.com, I want local machines in our
    domain to find foo.bar.com mapping to a local machine say 123.456.789.1 All
    dns requests are routed through our server before going outside, so I guess
    I need to add an entry on the server dns service mapping foo.bar.com to
    123.456.789.1 ?

    Tony
     
    tonyb61, Mar 26, 2010
    #1
    1. Advertisements

  2. There is no "mapping",..no such thing. It is just normal DNS with a normal
    CNAME Record

    It is called Split-DNS.
    You create a normal standard Zone that is not AD Integrated,...that is
    called "foobar.com" (note only one dot).
    Create a CNAME record and point it to the Host Record of the machine on the
    local LAN.

    Take note!!! Once you do this then you have to include in the new Zone
    *any* other records related to "foobar.com" because as far as your LAN is
    concerned your AD/DNS has now become the authoritative DNS for that Zone.
    That does not effect the outside world at all, but it effects your LAN.


    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Mar 26, 2010
    #2
    1. Advertisements

  3. tonyb61

    tonyb61 Guest

    That seems to do the job.

    Thanks
    Tony
     
    tonyb61, Mar 26, 2010
    #3

  4. Actually, I would suggest AD integrated, because if there are more than one DC/DNS server, you wouldn't want to go to the others and make secondary zone.

    :)



    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MVP-DS, MCT], Mar 27, 2010
    #4
  5. That's true. I just dicovered that Sunday. On the project we had talk about
    earlier I noticed that the DCs from the two domains at the second site were
    "unaware" of the zones that were transfered between the DCs in the first
    site.


    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------





    Actually, I would suggest AD integrated, because if there are more than one
    DC/DNS server, you wouldn't want to go to the others and make secondary
    zone.

    ..
     
    Phillip Windell, Mar 31, 2010
    #5

  6. Zone transfers are a pain. It's so easy with AD integrated zones if DNS is on all the DCs. :)

    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MVP-DS, MCT], Apr 1, 2010
    #6
  7. The old DC of the old Domain in the second Site never had DNS on it and I
    did not have a Windows CD with me to add it in. Luckily that mess is about
    to "go away". The new DCs I create will be fully equiped for their job.


    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
     
    Phillip Windell, Apr 1, 2010
    #7

  8. Cool!

    You know, when used to setup Windows 2003 on mine and customer sites, I always copied the i386 to the C: drive, and SP integrated it. This way whenever you have to add something, it's a cinch. Otherwise, you have to dig up the CD, install the feature, then by rights, you have to re-run the service pack. When I was asked to take care of customers in such a scenario, I would never re-run the service pack, for it will then reset Windows updates, and possibly cause problems with a bunch of other things. The best I found is to copy the i386, sp integrate it, then install the feature. If I wasn't *permitted* to copy the i386 (possibly due to their security SLAs), I would just install the feature and be done with it.

    Ace
     
    Ace Fekay [MVP-DS, MCT], Apr 1, 2010
    #8
  9. That's what I was thinking of doing too.

    I didn't know you could SP integrate the files as they sat there on the HD.
    I only know how to do that to the CD (creating an ISO in the process).


    --
    Phillip Windell

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------



    You know, when used to setup Windows 2003 on mine and customer sites, I
    always copied the i386 to the C: drive, and SP integrated it. This way
    whenever you have to add something, it's a cinch. Otherwise, you have to dig
    up the CD, install the feature, then by rights, you have to re-run the
    service pack. When I was asked to take care of customers in such a scenario,
    I would never re-run the service pack, for it will then reset Windows
    updates, and possibly cause problems with a bunch of other things. The best
    I found is to copy the i386, sp integrate it, then install the feature. If I
    wasn't *permitted* to copy the i386 (possibly due to their security SLAs), I
    would just install the feature and be done with it.

    Ace
     
    Phillip Windell, Apr 1, 2010
    #9
  10. If you copy the i386 to c:, so it will be located in c:\i386, expand the service pack (spName.exe /x, and choose a location to expand to), then run the update.exe with the following switches:
    update /s:c:\

    It will look for an i386 folder under c:\ and integrate it.

    I don't remember seeing this option for Vista, 7 or 2008, but then again, the newer operating systems keeps a copy of the source files under the Windows folder. I usually just download an updated version of the OS from Open or MSDN.



    --
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

    Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

    Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
     
    Ace Fekay [MVP-DS, MCT], Apr 2, 2010
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.