Quick Domain Question...maybe DNS question

Discussion in 'Networking & Security' started by VeeDubbs, Feb 23, 2011.

  1. VeeDubbs

    VeeDubbs Limp Gawd

    Messages:
    398
    Joined:
    Dec 9, 2005
    So I recently setup a domain for small non-profit company.

    The domain is hopecouncil.org, but they also have a website hopecouncil.org.

    Users can sometimes get to http://hopecouncil.org in a browser and sometimes they can't.

    When I do an nslookup hopecouncil.org I get the IP of the server returned.

    What can I do so when they want to get to website they get there, but logging into the hopecoucnil.org domain takes them to the DC?
     
  2. thefreeaccount

    thefreeaccount Gawd

    Messages:
    832
    Joined:
    Aug 8, 2010
    You've found out the hard way why the windows domain name should never be the same as the external DNS name. 8)

    AFAIK you have four options:
    1) "Re-educate" your users to type www.hopecouncil.org when they are at work
    2) Use a proxy server and have it redirect hopecouncil.org to your web host
    3) Install IIS on every domain controller and have it redirect
    4) Use a registry hack on every domain controller: http://goo.gl/AAokV
     
  3. koolaidkitten

    koolaidkitten Gawd

    Messages:
    633
    Joined:
    Apr 28, 2006
    When i do a domain i usually use .local as the suffix.
     
  4. Miker2k

    Miker2k [H]Lite

    Messages:
    83
    Joined:
    Dec 6, 2010
    Yes, split internal and external DNS either with different internal (I like .local) and external domain names or with totally separate inside/outside dns server(s).
     
  5. VeeDubbs

    VeeDubbs Limp Gawd

    Messages:
    398
    Joined:
    Dec 9, 2005
    Well that sucks. Wish I had known that before.

    Now it seems that even http://www.hopecouncil.org doesn't want to work.

    I'm gonna need to look into that hack a bit more tomorrow. Hopefully there are some people on here willing to help me out because it didn't quite make sense to me!

    Thanks everyone!
     
  6. RiDDLeRThC

    RiDDLeRThC 2[H]4U

    Messages:
    3,879
    Joined:
    Jun 13, 2002
    yeah, always best to use something different than the external host name. you could even do internal.domain.org but usually people do .local or .lan. I found .lan worked well when you have Mac's in the network because Apple's zero config technology uses .local.
     
  7. VeeDubbs

    VeeDubbs Limp Gawd

    Messages:
    398
    Joined:
    Dec 9, 2005
    Any chance I can rename or modify my current domain to use .local? Or would I have to start over from scratch?
     
  8. VeeDubbs

    VeeDubbs Limp Gawd

    Messages:
    398
    Joined:
    Dec 9, 2005
    I see there is a Rendom.exe utility. Is this worth a try, or would it be a giant headache?
     
  9. RiDDLeRThC

    RiDDLeRThC 2[H]4U

    Messages:
    3,879
    Joined:
    Jun 13, 2002
  10. VeeDubbs

    VeeDubbs Limp Gawd

    Messages:
    398
    Joined:
    Dec 9, 2005
    Not very long. Just as of last weekend. I'm guessing I'd have to recreate the domain, all user accounts, all printers, etc...? And then set security on all the shared folders again?

    I guess I don't understand why using an HTTP redirect isn't working in IIS. Very confusing... Very frustrating...
     
  11. thefreeaccount

    thefreeaccount Gawd

    Messages:
    832
    Joined:
    Aug 8, 2010
    Did you by chance forget to install the HTTP redirection role?
     
  12. mwarps

    mwarps [H]ardness Supreme

    Messages:
    7,000
    Joined:
    Oct 6, 2002
    From a DNS perspective, you're all set. You have a CNAME pointing at the root A record for the domain.

    Time to start pulling your hair out with IIS?
     
  13. zEp

    zEp n00b

    Messages:
    51
    Joined:
    Dec 8, 2010
    Renaming the local domain to hopecouncil.local from hopecouncil.org is not a big deal and the netbios will not be changing so that makes it even easier. You do have to do a bit of reading to prepare but it is not dark vodoo like some think.

    With that said if they have Exchange 2007 or 2010 installed then it will not work.