AD Domain Name same as Public Domain Name

Discussion in 'Windows Networking' started by MacKenzie Mickelsen, May 4, 2005.

  1. Hey everyone

    I am stupid! When we set up our internal network we used our
    public domain name in the setup (mostly because we were having all of our
    internet stuff hosted). Recently we have switched and are now hosting things
    ourselves. We have encountered a problem where our telecommuters that VPN
    into our network can't resolve names on our network. When they try it hits our
    public DNS (our ISP's DNS server) resolver which can't resolve our internal
    stuff. Is there anything we can do to fix this? Any way of changing our AD
    Domain Name?

    Thanks
    Kenzie
     
    MacKenzie Mickelsen, May 4, 2005
    #1

  2. What version of AD you have?
     
    Jorge Patricio Díaz Guzmán, May 4, 2005
    #2

  3. Changing the AD domain name is not supported in W2k without
    rebuilding the domain IIRC but available in W2k3.
     
    Michael Giorgio - MS MVP, May 4, 2005
    #3
  4. Windows 2003 Server is what our Domain controller runs

    Kenzie
     
    MacKenzie Mickelsen, May 4, 2005
    #4
  5. We run Windows 2003 Server on our Domain Controller

    Kenzie
     
    MacKenzie Mickelsen, May 4, 2005
    #5
  6. If Exchange is installed in your system you cannot rename it.

    When the VPN is active it will use the DNS associated with the VPN link,
    which should be your Internal DNS. The regular Internet link is supposed to
    be ignored,...so make sure they get a "DNS Setting" when the VPN connects,
    WINS is a good idea too. Do not use Split Tunneling,... "Use Gateway on
    Remote Network" must be enabled on the client dialup settings.
     
    Phillip Windell, May 4, 2005
    #6
  7. I'm afraid about the best you can do is use the hosts file on the VPN
    clients.

    Do the VPN users use a dial-up to connect to the VPN server?
    You can create a second dial-up connection for only the VPN connection to
    use that has the local DNS server's IP address in the connection instead of
    the ISP's. The Windows VPN client has a setting for telling it what dial-up
    connection to use when connecting.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], May 4, 2005
    #7
  8. We do have Exchange but it is on its own separate server. We have that
    server set up and a Secondary Controller. Does that make a difference to
    whether or not we can change the domain name?

    Thanks
    Kenzie
     
    MacKenzie Mickelsen, May 4, 2005
    #8
  9. If it is Exchange 2003 SP1 you can rename, if it is Exchange 2000 or
    2003 w/o SP1 you cannot rename. No matter what machine Exchange is on.

     
    Kevin D. Goodknecht Sr. [MVP], May 4, 2005
    #9
  10. Hi Kevin,

    Surely this can be fixed simply by adding extra entries in the local
    DNS.

    Clients who use VPN to connect are essentially "inside" the private
    network. That's what VPN means - a virtual private network. They should be
    using the local DNS, just like the LAN clients. To see the public website
    they need to use its internal IP, just as a LAN client would. If the local
    DNS resolves the name to this IP, it should work for remote clients just as
    it does for LAN clients.
     
    Bill Grant, May 5, 2005
    #10
  11. Yes, they are essentially "inside" the network, the problem is they first
    connect to an ISP and start asking the ISP DNS to resolve names that don't
    exist. These negative answers get cached for whatever time period the
    Default TTL DNS is.
    That's why I say create a new dedicated dial-up connection not using the
    ISP's DNS, for the VPN connection to use and the external DNS won't get
    queried in the first place.

     
    Kevin D. Goodknecht Sr. [MVP], May 5, 2005
    #11
  12. The ISP's DNS should never be queried by the client at all in any way at
    any time for any reason. The ISP's DNS should only appear in the AD DNS's
    "forwarders list" and never appear anywhere else. If all clients, LAN, VPN,
    Dialup, whatever of any kind, use the AD DNS and nothing but the AD DNS
    there will not be a problem.

    Any other more complex situations, such as some situations with ISA, would
    need "Split-DNS".

    [Those are underscores, not spaces between the words]
    You Need to Create a Split DNS!
    http://www.isaserver.org/tutorials/You_Need_to_Create_a_Split_DNS.html
     
    Phillip Windell, May 5, 2005
    #12
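
An added example, not part of any post in this thread: a small audit of a VPN client's `ipconfig /all` text that flags any resolver outside the internal AD DNS set and any VPN link that received no DNS setting, the two conditions the replies above warn about. The sample output, the addresses, and the assumption that the VPN link is listed as a "PPP adapter" with IPv4 resolvers are all constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output from a VPN client (not from the thread).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.20
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       203.0.113.54

PPP adapter Office VPN:

   IP Address. . . . . . . . . . . . : 10.0.0.150
   DNS Servers . . . . . . . . . . . : 10.0.0.10
"""

ADAPTER_RE = re.compile(r"^(\S.*adapter .+):\s*$")
IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def parse_dns_servers(text):
    """Return {adapter name: [IPv4 DNS servers]} parsed from ipconfig /all text."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        header = ADAPTER_RE.match(line)
        stripped = line.strip()
        if header:
            current, in_dns = header.group(1), False
            adapters[current] = []
        elif current and stripped.startswith("DNS Servers"):
            in_dns = True
            first = stripped.split(":", 1)[1].strip()
            if IPV4_RE.match(first):
                adapters[current].append(first)
        elif current and in_dns and IPV4_RE.match(stripped):
            adapters[current].append(stripped)  # continuation line of the DNS list
        elif stripped:
            in_dns = False  # any other field ends the DNS list
    return adapters

def audit(adapters, internal_dns, vpn_marker="PPP adapter"):
    """List (adapter, problem) pairs; internal_dns is the set of AD DNS server IPs."""
    findings = []
    for name, servers in adapters.items():
        if name.startswith(vpn_marker) and not servers:
            findings.append((name, "VPN link received no DNS setting"))
        findings.extend((name, f"resolver {s} is not an internal AD DNS server")
                        for s in servers if s not in internal_dns)
    return findings
```

On the constructed sample, `audit(parse_dns_servers(SAMPLE_IPCONFIG), {"10.0.0.10"})` reports the two ISP resolvers on the Ethernet adapter and nothing for the VPN link.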