New Domain Added to DNS?

[DavidM]

Hello all -- I have a question that I'm hoping your smart folks can assist
me with.

I currently have a W2K AD domain (called FIS.local). All our W2K/XP clients
and servers log into this domain. No problems here.

I am setting up a new Intranet web server running IIS which is also a member
of the FIS.local domain.

I would like my users to reference this server has www.fisne.net internally.
I assume this requires me to add a new domain to DNS? What exactly do I
need to do?

The other trick is that our Extranet customers that have circuits into us
also need to access this Intranet server. I prefer not to require them to
use IP address. Instead, I want them to reference as www.fisne.net.

Since customers have their own DNS/WINS or whatever server, I want them to
be responsible for adding IP to their servers or HOSTS file, if appropriate.

Customers' network, client, and servers are totally separate from ours..

Does this make sense? What's the best approach?

Any help or comments would be appreciated.

 

[Jim Singh]

All you have to do for your internal clients to get to the IIS server is to
locate by it name or cname record, which is provided by DNS. So, yes you
have to create an A host record with fisne.net name and IP. this will take
care of the internal name resolution part. (supposing that they log on to
the same domain, and this server is not in another domain.) If this server
was in another domain then you could use the "conditional forwarding" or
"stub zone" features of w2k3 ( but u dont have that).

As far as the extranet clients go, if they are acussition partners or
subsidiary they must/should have a one/two way trust relationship with ur
company, in which case they have a choice of "conditinal forwarding" or
"stub Zone" if they have w2k3. if the clients have no relationship with you
company and they need to access the IIS box then a simple name (fisne.net)
query will take them to the iis server unless its behind the firewall ( in
which case u have to open appropriate ports i.e. 443, 80 etc)

-Jim

 

[Chriss3 [MVP]]

Hello David. If you want to publish this dns name space externally you can
do so, otherwise you can setup another dns server within the network with
this name space (zone) , you can then forward name lookup for this
particular zone from your DNS Server holding the AD zone.

<client--> <AD DNS (Domain Controller)--><FORWARD REQUESTED AT:
www.fisne.net.--> <DNS SERVER FOR www.fisne.net.>

You can also just create a standard zone within the DNS Server running at
the domain controller.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup

 

[DavidM]

The IIS server which is on the same AD domain which is fis.local. However,
I would like to have end-users reference the IIS server as fisnet.net.

If I go to DNS Management now and try to add a new "A" record. I can issue
the name of the box and the IP... however, I cannot change the FQDN. It is
prefilled with fis.local.

The machine name of IIS is called harweb02.

After doing the above, I notice there is now a

harweb02.fis.local
www.fisne.net.fis.local

It also created under "Forward Lookup Zones" a new entry called "net" with
the name and a record called "www" with the IP.

Is this normal? I can bring up IE and type http://www.fisnet.net and it
appears to resolve.


Regarding customers... they have no access to our DNS or anything. Just a
few of our servers. So I simply want them to add my server/domain or
whatever to their DNS/WINS or add static HOSTS entry. Does this make sense?

 

[Jim Singh]

Yes this is fine, since the server belongs to the domain called fis.local.
the only way you could change that FQDN in w2k is if you were to make
another seperate domain for you IIS sever(web apps) or have a seperate tree
in the forest.

-Jim

 

[Enkidu]

Inline,

Cliff

{MVP Directory Services}

Hello all -- I have a question that I'm hoping your smart folks can assist
me with.

I currently have a W2K AD domain (called FIS.local). All our W2K/XP clients
and servers log into this domain. No problems here.

I am setting up a new Intranet web server running IIS which is also a member
of the FIS.local domain.

I would like my users to reference this server has www.fisne.net internally.
I assume this requires me to add a new domain to DNS? What exactly do I
need to do?

You need to add a new "zone" called "fisne.net', and a new host in
that zone called "www" with the same IP address as the server
currently has.

The other trick is that our Extranet customers that have circuits into us
also need to access this Intranet server. I prefer not to require them to
use IP address. Instead, I want them to reference as www.fisne.net.

Since customers have their own DNS/WINS or whatever server, I want them to
be responsible for adding IP to their servers or HOSTS file, if appropriate.

OK, if your customers are to access this server over the Internet,
then you need to provide, or have a DNS service provider provide, a
zone external to your network that contains a host record pointing to
your server (either directly or through your firewall).

Normally, you would have the external DNS setup with the external IP
address of your firewall or router and that would be translated
(NATted) into the internal IP address of your firewall.

If your customer have a direct connection to your network, you would
need to provide them with access to your DNS as well as your web
server.

The way DNS works, the clients would not normally hardcode your IP
information in their DNS or host files. It is normal for you to have
the responsibility of providing the DNS name to IP address mapping.