We have two domain controllers running Server 2003 Enterprise Edition. We recently were forced to rebuild our domain adding .com to our domain name in order to make the LDAP connector work properly with a Barracuda Spam Filter--This at the advice of Barracuda Tech. In other words we changed our domain form say xyz.local to xyz.local.com. This did correct the issue with the spam filter; however now there is some DNS confusion going on because for example some machines are trying to send WPAD requests to local.com (ip 63.251.207.35). Anyone seen this type of issue before?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
DNS and local.com
- Thread starter John0616
- Start date
Very bad ide to use an existing DNS domain as AD domain that you don't have control over.
The problem is that if a machine does not use your AD/DNS server can't find your AD domain, insteed they find the "internet" domain local.com
Solution: change your AD domain to something that does not exist as a DNS domain (ex. local.adcom) or be sure that all your machines use yours DNS server that controlls yur AD domain.
The problem is that if a machine does not use your AD/DNS server can't find your AD domain, insteed they find the "internet" domain local.com
Solution: change your AD domain to something that does not exist as a DNS domain (ex. local.adcom) or be sure that all your machines use yours DNS server that controlls yur AD domain.
- Thread starter
- #3
Thank-you for your response GunnarD. In retrospect I agree that we made a poor choice. I wanted to be sure that I don't make any more bad decisions on this project, but I am not really seeing what is the best solution. All of our machines are using the AD DNS so for example if I ping our full domain name the traffic is directed back to our AD. The problem seems to be that this WPAD--and possibly some other services that I am not even aware of seem to only look at the first entry left of the.com. For us that means the machines are looking up local.com rather than xyz.local.com. With this in mind, even if I changed my domain to local.xyz.com. This WPAD and any other service that looks for the AD server the same way will look up xyz.com which we do own, but xyz.com is also our store front which is hosted on a commercial server off site. This of course means that either these requests will now be sent to our storefront--which is still wrong or more likely the DNS will send these requests internally back to the appropriate place, but viewing our own storefront site from inside the domain would not be so easy because all internal traffic looking up xyz.com would be routed back to the AD Server. While I have done some looking on the MS Website and it seems like there are tools available to change a domain name, but to me that seems risky without wiping out the whole server and starting over. Is there not some type of DNS entry that would make all of our internal machines resolve local.com back to the AD Server? I realize of course that this would make the outside local.com site hard to find , but we would never have need to visit this site anyway.
Hey everyone my server is running server2003 r2 as the DC and all of a suden when I try to go into actice directory it gives me an error saying catalog services can not be located and in the event log all errors point back to the catalog services and I have looked and looked for a solution to fix the problem no clients can connect to the system I also get an error saying naming info cannot be located any help would be much apprec.
Thanks techbarry
Thanks techbarry
- Status
Similar threads
- Locked
- Question
- Locked
- Question