Public DNS question Plz HELP

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

HI,
I have a simple configuration:
- One windows 2003 Server SP2 with DNS, IIS and Exchange and domain controler.

This server are used for hosting web site. The FQDN for the active directory
are the public registrated domain name for the hosting domain. This server
are behind a firewall and have static private IP: 192.168.0.111

ON the dns Zone properties I defind the 2 Domain Name server:
Web01.arbault.ca 66.129.143.5
Web02.arbault.ca not installed yet for now I put the same ip 66.129.143.5

I remove all the A record that point to the internal IP 192.168.0.111 for
web01. If I do that, after several mnute, the AD stop fonctionning making
several error in the envent viewer for exchnage serve likeMSExchnageAL
MSExhangerSA, and so on. I can't open Active directory user and computer
anymore. IF I replace the A recod in the arbault zone: web01.arbault.ca
192.168.0.111 all start fonctionning well.

The point is: If I let this private IP in the zone, when I check one of my
hosted domain with DnsReport.com i got this:
web01.arbault.ca. [192.168.0.111 (NO GLUE)] [*I]
web02.arbault.ca. [66.129.143.5 (NO GLUE)] [CA]

the web01 are not with the public adress.
Any sugestion?
 
In
Pierre said:
HI,
I have a simple configuration:
- One windows 2003 Server SP2 with DNS, IIS and Exchange and domain
controler.

This server are used for hosting web site.
Click to expand...

This is a bad idea....seriously. Get an inexpensive web hosting account and
move your website(s) there - don't host public websites on your LAN, let
alone your DC/Exchange server.
The FQDN for the active
directory are the public registrated domain name for the hosting
domain.
Click to expand...

That config can be a bit messy, although some people prefer it. Too late to
change it now, anyway :)
This server are behind a firewall and have static private IP:
192.168.0.111

ON the dns Zone properties I defind the 2 Domain Name server:
Web01.arbault.ca 66.129.143.5
Web02.arbault.ca not installed yet for now I put the same ip
66.129.143.5
Click to expand...

I'm confused here. Your internal DNS should have *no* public
nameservers...it's for AD only. Don't mix and match.
I remove all the A record that point to the internal IP 192.168.0.111
for web01. If I do that, after several mnute, the AD stop
fonctionning making several error in the envent viewer for exchnage
serve likeMSExchnageAL MSExhangerSA, and so on. I can't open Active
directory user and computer anymore. IF I replace the A recod in the
arbault zone: web01.arbault.ca 192.168.0.111 all start fonctionning
well.
Click to expand...

Leave it the way it was. You are going to mess up your AD royally! Your
public domain name servers should not be on your internal network.

The point is: If I let this private IP in the zone, when I check one
of my hosted domain with DnsReport.com i got this:
web01.arbault.ca. [192.168.0.111 (NO GLUE)] [*I]
web02.arbault.ca. [66.129.143.5 (NO GLUE)] [CA]

the web01 are not with the public adress.
Any sugestion?
Click to expand...

It shouldn't be the public address. Your private & public DNS should not mix
or touch in any way.
 
Back
Top