do I need to configure Forwarder in my AD DNS???

  • Thread starter Thread starter Mail Man
  • Start date Start date
M

Mail Man

We have 2 DNS one Public and other is Local for Active Directory and
resolve LAN names
My users access the Internet via proxy server
Is it good practice not to configure my Local DNS to forward Query (if
failed to resolve it) to Public DNS?
Since the users relying in Proxy to solve external names
Thanks 4 your time
 
Mail said:
We have 2 DNS one Public and other is Local for Active Directory and
resolve LAN names
My users access the Internet via proxy server
Is it good practice not to configure my Local DNS to forward Query (if
failed to resolve it) to Public DNS?
Since the users relying in Proxy to solve external names
Thanks 4 your time
Click to expand...

This will cause you problems. All servers and workstations should specify
*only* the internal AD-integrated DNS server's IP address in their network
settings. The AD-integrated DNS server should be set up with forwarders to
your ISP's DNS servers for external resolution. See
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202 for more
info.
 
As you say, since the proxy server is handling your user's needs for
external access you probably don't need forwarding.

You could choose not to configure forwarding as a security measure or you
could choose to configure it just in case any client ever tries to use it
for some reason. It's up to you.
 
In
Mail Man said:
We have 2 DNS one Public and other is Local for Active Directory and
resolve LAN names
My users access the Internet via proxy server
Is it good practice not to configure my Local DNS to forward Query (if
failed to resolve it) to Public DNS?
Since the users relying in Proxy to solve external names
Thanks 4 your time
Click to expand...

Since you have an Active Directory domain, internal clients cannot use the
proxy for external DNS. All clients must still use the internal DNS for all
DNS requests. You can configure your internal DNS to use the proxy for its
forwarder.
 
In
Mail Man in said:
We have 2 DNS one Public and other is Local for Active Directory and
resolve LAN names
My users access the Internet via proxy server
Is it good practice not to configure my Local DNS to forward Query (if
failed to resolve it) to Public DNS?
Since the users relying in Proxy to solve external names
Thanks 4 your time
Click to expand...

Keep the root. Follow the other suggestions. Just make sure the Proxy can
resolve externally.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroup so all
can benefit. This posting is provided "AS-IS" with no warranties and
confers no rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

conditional forwarding in DNS 1
New AD DNS Configuration Question 12
DNS forwarder 1
DNS forwarding loop 0
Configure Forwarders 1
Question on DNS Forwarders 7
Strange DNS forwarding issues 5
DNS forwarding fails 5

Back
Top