• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Windows Domain/Domain Controller vs Web Domain Question...

Scarpozzi

Scarpozzi

Lifer
So I've got a Windows Domain....let's call it dc=company,dc=com

There's a DNS entry of company.com listed.

I have a website of www.company.com

My question: External DNS resolves company.com and www.company.com to our company web server. Internal DNS resolves company.com to the DC pool and www.company.com to the web server. Is there a way to redirect traffic within windows without installing IIS on the DC? (it's not recommended by Microsoft) I'm just trying to figure out how to fix the problem of internal clients and employees going to domain.com and finding a pool of servers that don't listen on port 80.

I'm relatively new to Microsoft stuff and didn't find anything about this from a google search.

Thanks,

-Scar
 
It is caleld split horizon DNS. Also, you really should something other than an Internet resolvable domain name for your internal network, aka company.local.
 
yinan said:
It is caleld split horizon DNS. Also, you really should something other than an Internet resolvable domain name for your internal network, aka company.local.
Click to expand...

That is no longer recommended. The recommended solution is to use a subdomain of the main domain IE

windows domain = internal.domain.com public = domain.com

so dc1.internal.domain.com can never conflict with anything in domain.com (except the obvious "internal.domain.com."

My home test domain hangs off my own personal public domain without issue this way right now.

In 2015 you will no longer be able to get proper certificate for domains like ".local" which will make things like Exchange basically not work (in a way that won't cause other issues in the cert chain) inside and outside the domain.
 
Thanks for the responses. It's just easier said than done when a domain's been set a certain way for years.

I agree with subdomains and a clear line between internal/external. I'll see if I can add this be to the list of 3-5 year goals.
 
Scarpozzi said:
Thanks for the responses. It's just easier said than done when a domain's been set a certain way for years.

I agree with subdomains and a clear line between internal/external. I'll see if I can add this be to the list of 3-5 year goals.
Click to expand...

Well if you have something running already, I assume you don't have an internal machine named "www" in your domain do you?

If not you can just plug an A record in to your domain DNS with the proper IP. If you are doing doing your external DNS via the DC's DNS (really bad mojo btw) the first step is to split it up and then manage each part separately.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top