Subject: [ActiveDir] DNS question
blucas

Posts:2

03/18/2006 4:54 AM  
Primary DNS server = 192.168.0.1 serves AD zone company.com
Web server for www.company.com = 192.168.50.50

A request is being made to have http://company.com resolve to
192.168.50.50.

My AD zone, company.com, already has an "A" record with no host value
pointing to 192.168.0.1. Specifically, it looks like this:

(same as parent folder) Host (A) 192.168.0.1

It seems to me it would be very bad to change this, right? That would
mean that any DNS request for "company.com" would resolve to my
webserver. That would be good for the http requests, but horrible for
everything else, like the clients and servers.

Is there any way to honor that request?

Thanks,

Bryan Lucas
Server Administrator
Texas Christian University
(817) 257-6971

List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
AD000001153

Posts:0

03/18/2006 7:57 AM  
You can remove the A records without any impact (if I remember they were for
legacy LDAP clients) but this requires more work than just removing the
records. You will have to change the registry entry below to "0" to disable
the registration of ALL A records, this includes some important DNS entries
that will need to be entered as static records (see below).

Key: HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Value: RegisterDNSARecords
Type: RegDWord
Value: 0/1 (default=1)

You will need to enter the following records statically, especially when
adding a GC...

gc._msdcs.company.com. 600 IN A 192.168.0.1
ForestDnsZones.company.com. 600 IN A 192.168.0.1
DomainDnsZones.company.com. 600 IN A 192.168.0.1

Hope this helps.
-Alex
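
A check for the end state described in the reply above, added here as an example and not part of the original post: it reads a record listing in the same `name TTL IN A address` form and reports any of the three static names that is missing for a domain controller, and whether the zone apex still points at one. It goes beyond the single-DC case in the thread by accepting several DC addresses; the function names and the sample listing are constructed for illustration.

```python
import ipaddress

# Labels the reply says need static A records, relative to the zone name.
REQUIRED = ("gc._msdcs", "ForestDnsZones", "DomainDnsZones")

# Constructed sample listing (not from a real server): the apex still carries
# the DC address and one required name is misspelled.
SAMPLE = """\
company.com.                600 IN A 192.168.50.50
company.com.                600 IN A 192.168.0.1
gc._msdcs.company.com.      600 IN A 192.168.0.1
ForestDnsZones.company.com. 600 IN A 192.168.0.1
DomainDnsZone.company.com.  600 IN A 192.168.0.1 ; constructed typo
"""

def parse_a_records(text):
    """Map lower-cased FQDN -> set of IPv4 strings from 'name TTL IN A addr' lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) != 5 or [f.upper() for f in fields[2:4]] != ["IN", "A"]:
            continue
        try:
            addr = str(ipaddress.IPv4Address(fields[4]))
        except ValueError:
            continue                             # not a valid IPv4 address
        # DNS names compare case-insensitively; ignore the trailing root dot.
        records.setdefault(fields[0].lower().rstrip("."), set()).add(addr)
    return records

def audit(text, zone, dc_ips, web_ip):
    """Return a list of findings; an empty list means the end state is met."""
    zone = zone.lower().rstrip(".")
    records, dcs, findings = parse_a_records(text), set(dc_ips), []
    for label in REQUIRED:
        have = records.get(f"{label.lower()}.{zone}", set())
        for ip in sorted(dcs - have):
            findings.append(f"missing A record: {label}.{zone} -> {ip}")
    apex = records.get(zone, set())
    if web_ip not in apex:
        findings.append(f"apex {zone} does not resolve to web server {web_ip}")
    for ip in sorted(apex & dcs):
        findings.append(f"apex {zone} still resolves to DC {ip}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, "company.com", ["192.168.0.1"], "192.168.50.50"):
        print(finding)
```
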

AD000001153

Posts:0

03/18/2006 8:03 AM  
Stupid outlook...(yes I'm blaming the program for my mistake, it's St.
Patrick's day so I think I can get away with it...;-))

gc._msdcs.company.com. 600 IN A 192.168.0.1
ForestDnsZones.company.com. 600 IN A 192.168.0.1
DomainDnsZones.company.com. 600 IN A 192.168.0.1

blucas

Posts:2

03/21/2006 1:11 AM  
Any other comments? I'm going to have to make a recommendation on this
and am looking for as many opinions as possible. Has anyone made these
changes or does anyone foresee any other issues?

Bryan Lucas
Server Administrator
Texas Christian University
(817) 257-6971

amulnick

Posts:127

03/21/2006 2:55 AM  
You can find Microsoft's view on this: http://www.microsoft.com/technet/community/chats/trans/win2ksrv/w2ad16p.mspx

Search for RegisterDNSARecords in the text.  Personally? I wouldn't opt for changing that record but instead would refuse the request and suggest that they figure another way to achieve the goal.  At the very least a justification and impact of making that change should be communicated back.


Al 
