DNS Replication Issue.

[mirwin]

Hello all.
I have 3 servers all setup as DC's and all with AD. All serve other
purposes also though . 1 is for web and 1 is for mail and also
exchange webmail setup on it and teh last is also DHCP for the local
network.
I need to be able to access our site by going to sitename.com as well
as www.sitename.com.
The problem I'm having is that the dns servers are creating an A
record with no host name for themselves then replicating to the other
servers. This is causing the website to fail when the www header is
left off because it's being referenced to the wrong IP.
I've tried turning off the "register this connection's address in DNS"
but this cause replication to fail with the Event ID 5782. Adter much
frustration I've just turned this back on.
In case this makes no sense at all here is an example
servers
XCHNS-1 10.10.10.10
WEBNS-2 10.10.10.20
DHCPNS-3 10.10.200.10

DNS
--XCHNS-1
----Forward Lookup Zones
------Sitename.com
(same as parent folder) host 10.10.200.10
(same as parent folder) host 10.10.10.20
(same as parent folder) host 10.10.10.10
www host 10.10.10.20

If you need anymore info please don't hesitate to ask. Also just so
you know. I didn't set this up I just inherited it

Thanks in advance,

Mark Irwin

 

[Kevin D. Goodknecht [MVP]]

In mirwin <[email protected]> posted a question
Then Kevin replied below:
: Hello all.
: I have 3 servers all setup as DC's and all with AD. All serve other
: purposes also though . 1 is for web and 1 is for mail and also
: exchange webmail setup on it and teh last is also DHCP for the local
: network.
: I need to be able to access our site by going to sitename.com as well
: as www.sitename.com.
: The problem I'm having is that the dns servers are creating an A
: record with no host name for themselves then replicating to the other
: servers. This is causing the website to fail when the www header is
: left off because it's being referenced to the wrong IP.
: I've tried turning off the "register this connection's address in DNS"
: but this cause replication to fail with the Event ID 5782. Adter much
: frustration I've just turned this back on.
: In case this makes no sense at all here is an example
: servers
: XCHNS-1 10.10.10.10
: WEBNS-2 10.10.10.20
: DHCPNS-3 10.10.200.10
:
: DNS
: --XCHNS-1
: ----Forward Lookup Zones
: ------Sitename.com
: (same as parent folder) host 10.10.200.10
: (same as parent folder) host 10.10.10.20
: (same as parent folder) host 10.10.10.10
: www host 10.10.10.20
:
: If you need anymore info please don't hesitate to ask. Also just so
: you know. I didn't set this up I just inherited it
:
: Thanks in advance,
:
: Mark Irwin

These records are required for group policies to be applied, policies are
applied from the \\sitename.com\SYSVOL\sitename.com\polices share, do not
alter the behavior. If you do when group policies are supposed to be
applied, the machines will look to the Webserver for the above share, it
won't be there and you will get USERENV errors logged in the event log.
These record must point to the NICs on the DCs that File Sharing is bound
to.

The best work aroung is to install IIS on all DC's then use Internet
services manager
to create a New Website giving it the host header 'sitename.com' then right
click on the website go to the Home Directory tab select Redirection to a
URL put in http://www.sitename.com/

 

[Deji Akomolafe]

The problem I'm having is that the dns servers are creating an A

record with no host name for themselves then replicating to the other
servers.

This is by design.

This is causing the website to fail when the www header is
left off because it's being referenced to the wrong IP.

Another "good" reason to use separate names for your "outside" and inside
domains.

I've tried turning off the "register this connection's address in DNS"

That won't help you

In case this makes no sense at all here is an example

It does make plenty of sense.

I typically don't like to offer "recommended" or "best practice" opinions,
but you are getting bitten by a well-documented "bug". Not really a bug, but
you get the idea. There are some things you can do, but none of them is
practical or easy or even "recommended". The best thing I can tell you is
"this is the way it's supposed to be, so this problem is not really your
fault. Live with it"
--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon

 

[Ace Fekay [MVP]]

The problem I'm having is that the dns servers are creating an A

This is by design.

Another "good" reason to use separate names for your "outside" and
inside domains.


It does make plenty of sense.

I typically don't like to offer "recommended" or "best practice"
opinions, but you are getting bitten by a well-documented "bug". Not
really a bug, but you get the idea. There are some things you can do,
but none of them is practical or easy or even "recommended". The best
thing I can tell you is "this is the way it's supposed to be, so this
problem is not really your fault. Live with it"

Dèjì Akómöláfé, MCSE MCSA MCP+I

He could opt to eliminate that record from registering thru the reg, but,
not really recommended in the long run. This has to be done on every DC,
then the correct record needs to be created manually.

Due to a split-dns zone.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Deji Akomolafe]

Yeah. He could do that, but it will break more than he's try to fix. WRT the
IIS on DC option, my response is don't do it. IIS on DC is not "a good
thing"(TM). I think he should just understand that this is the way it is and
he should either accept it, or bite the bullet and make his internal domain
name different from his external domain name.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

Yeah. He could do that, but it will break more than he's try to fix.
WRT the IIS on DC option, my response is don't do it. IIS on DC is
not "a good thing"(TM). I think he should just understand that this
is the way it is and he should either accept it, or bite the bullet
and make his internal domain name different from his external domain
name.

Agreed !


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory