Roy Brotherhood said:
Good Morning Ace:
Thank you for your response. If you would post the instructions for creating
the WWW record and the reg edit, I would appreciate it. I am not familiar
with this process and could not find info on it in the MS Knowledgebase.
Thanks again,
Roy Brotherhood
I hope this is not too confusing. For most folks, it's easier just to only
use www. Here are the instructions. Read them thoroughly first before
attempting it.
How to create zones, host records, and other records in DNS:
http://support.microsoft.com/default.aspx?scid=kb;pl;pl308201
In summary:
To create the www record, in the DNS console, right-click your domain name, say
it's domain.com,
New > Host.
Then in the hostname box, type in www
Then in the IP box, type in the external IP address.
If you're not sure of the address, post the domain name and one of us will
find out. You can do it too, by typing in:
nslookup
server 4.2.2.2
www.yourdomainname.com
And the answer will pop up.
If you get an error saying "NSLookup can't find domain...etc", ignore it,
look at the bottom result and that should be the IP.
====================================
Be careful with these instructions. Follow them explicitly, please. Backup
the reg FIRST.
As for connecting with http://domain.com, we have to alter the default
behavior that netlogon registers the Blank Domain FQDN, which looks like (in
DNS):
(same as parent) A 192.168.1.2
Here's a re-post of a previous post I created for another poster with the
same issue. Be careful with the registry. Make absolutely sure you back it
up FIRST before making any changes. Use regedit.exe to back it up (export
it) to a .reg file.
==========================================
This following procedure is good especially if you have a Split Horizon
environment where the internal and external domain names are the same and
the users need to get to their external name by http://theirdomain.com but
their DC/DNS server responds and not the actual external website.
This one is done on the netlogon service parameters in the registry. This
will stop netlogon registering the blank FQDN with the internal private IP.
Here are two steps to clean that up. 1st step stops the netlogon service from
registering that "Blank Domain FQDN" IP address. Those IPs are actually
called the LdapIPAddress. The 2nd step publishes the IP that you do want to
publish, whether a local private IP or some public IP, any or multiple IPs,
if you want.
==========================================
Disabling the Same As Parent LdapIpAddress blank FQDN and auto Publishing a
Blank Domain FQDN IP:
[Taken from http://support.microsoft.com/?id=295328]
To disable only the registration of the local IP addresses, set the
following registry value, then reboot the machine for it to take effect:
In regedt32:
1) Add the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
Value: LdapIpAddress
2) Do this on all DCs and restart netlogon or restart machine.
This will prevent the DC from adding the domain A records from netlogon.
And you can add multiple Blank Domain A records as you need.
After you set this value, you must manually register your publicly available
IP addresses for your domain to appear as:
Same as parent folder Host "publicIP"
(follow the instructions on how to create a host, but in the name box, just
don't give it a name, and give it the external www address, the same one as
the www IP. It will bark at you, but just say yes to create it).
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
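
The two steps from the post above, scripted in PowerShell as an added example (not part of the original post and not Microsoft's own code). It assumes an elevated session on the DC with dnscmd.exe available; the backup path, zone name and public IP are placeholders.

```powershell
# Added example: run elevated on each DC. PLACEHOLDER values are assumptions.
$RegKey    = 'HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
$KeyPath   = "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters"
$ValueName = 'DnsAvoidRegisterRecords'
$Mnemonic  = 'LdapIpAddress'
$Backup    = "C:\Temp\netlogon-params-$(Get-Date -Format yyyyMMdd-HHmmss).reg"  # PLACEHOLDER
$Zone      = 'domain.com'     # PLACEHOLDER zone name
$PublicIp  = '203.0.113.10'   # PLACEHOLDER external www address

# Back up the key FIRST; stop if the export fails so nothing is changed.
New-Item -ItemType Directory -Path (Split-Path $Backup) -Force | Out-Null
& reg.exe export $RegKey $Backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'Registry export failed; nothing was changed.' }

# Step 1: add LdapIpAddress to DnsAvoidRegisterRecords (REG_MULTI_SZ),
# keeping any mnemonics that are already listed there.
$current  = (Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
$existing = @(@($current) | Where-Object { $_ })
if ($existing -notcontains $Mnemonic) {
    $merged = [string[]]($existing + $Mnemonic)
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType MultiString `
        -Value $merged -Force | Out-Null
}

# Restart Netlogon so the new value takes effect (or reboot the machine).
Restart-Service -Name Netlogon -Force

# Step 2: register the "same as parent folder" A record with the public IP.
# '@' is the zone root, i.e. the blank-name host record.
& dnscmd.exe $env:COMPUTERNAME /RecordAdd $Zone '@' A $PublicIp
if ($LASTEXITCODE -ne 0) { throw 'dnscmd /RecordAdd failed.' }

# Review: show the registry value and the A records now at the zone root.
(Get-ItemProperty -Path $KeyPath -Name $ValueName).$ValueName
& dnscmd.exe $env:COMPUTERNAME /EnumRecords $Zone '@' /Type A
```

The final listing shows every A record at the zone root, so any record still carrying the internal private IP is visible for review.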