DNS configuration for GSS

Similar Messages

• DNS configuration for web access

  Hi All,
  I'm setting up a SL server for the first time and it's working great for users inside our building and on our network, but we're unable to access anything on it through the web (including a basic homepage) and I think it has to do with our DNS setup. We've got the domain tgroupproductions.com through goDaddy and I've set up the ns1 and ns2 info in the host summary pointing to my public ip 216.3.118.152 and added both ns1.tgroupproductions.com and ns2.tgroupproductions.com to the goDaddy nameserv list.
  I've attached images of my dns configuration and of the intodns.com scan results. I just want to double check to make sure I'm setup correctly. It's possible I just haven't waited long enough for the changes to take effect
  DNS Setting: https://files.me.com...ek.klein/mp3enf
  Intodns.com: https://files.me.com...ek.klein/d33nlt

  Sorry about the images...don't know why they are working. I'll embed them at the bottom of this post.
  As for why I'm not using GoDaddy...I have no problem using them as a public dns (meaning I'd have to change the nameservs back to the ns17.domaincontrol.com and ns18 nameservs?) but the site wasn't functioning with those in place so we tried to set up our own internal dns. I had followed a tutorial at http://osx411.com/index.php?/topic/19-using-mac-os-x-server-to-host-websites-fro m-home/ but either I'm misunderstanding or I missed something.
  Here are the images:
  Message was edited by: fkick1

• DNS configuration for webhosting

  Our intention is to use an Xserve as a webhosting platform, but have huge problems in configuring DNS for each domain hosted.
  Can someone provide me with a template what I have to provide for a typical domain name at the server admin tools ?
  How would I proceed to create sub-domains like test.domain.com and sample.domain.com - creating multiple machines with the same IP doesn't allow me to save them (would need to use different IPs) ?
  Also how to set up PTR records ?
  Please find an actual entry below (seems not to work correctly (e.g. DNS report tool state "no reverse DNS entries for MX records")):
  Settings/General:
  Zone transfers allowed
  Recursion disabled
  Settings/Editing zone/General:
  Zone name: domain.com
  Server name: www
  IP address selected
  Name servers:
  www.domain.com (pre-set, not editable)
  dns1.domain.com
  dns2.domain.com
  Admin e-mail set; Zone is valid for six hours - changed from 24 to allow faster updates, hope that this does not cause problems, does ?
  Settings/Machines:
  IP address: Same as before
  Name: www
  Aliases: domain.com
  This machine is a mail server... precedence: 10 (and checkbox marked)
  Other fields are empty
  Any help is appreciated, because I really hang here and need to get it done quickly over the weekend...
    Mac OS X (10.4.8)  

  Thanks for your quick reply
  Apple hasn't fixed a lot of bugs in Server Admin and a lot of the pro users
  have basically suggested doing the DNS zones by hand (which you can easily
  do)
  I noticed this, too. For example when editing a zone and trying to specify name servers, it is a hard job to get the entries in this list. Either they are being removed or not taken over. Such an important service and Apple seems to take care soo less...
  Anyway, I have to live with it
  You wrote:
  First, you'll want to add something like this for each domain you want to
  host in your /etc/named.conf:
  zone "domain1.com" IN {
  file "domain1.com.zone";
  type master;
  and then create /var/named/domain1.com.zone
  which will handle all your cname, A and MX records
  When doing so, do the entries appear at the server admin tool and how does it affect the settings there when (mistakenly) using the admin tools to change a record ?
  Is there a way to do a "spell check" when I made a modification to named.conf or created one of the *.zone files to ensure that there are no errors in what I wrote ?
  Ideally there would be a replacement tool for Apple's server admin tool that manages this task ?
  Or does someone know for a web-based tool that provides basic zone file entries when telling some information about the domain ? So something for dummies...
  And now few stupid questions for your link to zytrax.com...:
  Are the spaces in the sample there spaces or tabs ? And just used for readability or required ?
  For example:
  IN NS ns1.example.com. ; in the domain
  could be written as
  IN NS ns1.example.com
  I guess that ";" (semicolon) marks the beginning of a comment which can be skipped ?
  And what's about the reverse map zone file described at http://www.zytrax.com/books/dns/ch6/reverse-map.html ? Can these entries made in the *.zone file also ?
  I guess I do need these files and entries at named.conf only at the Xserve that should act as primary one and specify the secondary zones at the server tools at the second server ? The primary DNS Xserve would have zone transfers enabled, of course.

• DNS configuration for webhosting - follow-up question

  In regard to my previous inquiry I want to add another question affiliated with that.
  We want to use our own DNS servers for domain registration. For this purpose, I need two DNS servers - ns1.domain.com and ns2.domain.com.
  domain.com is a domain owned by us that should get also managed at the Xserve's DNS service.
  For that reason I would need to add two sub-domain records to the DNS entry for the zone domain.com, wouldn't ?
  But how do I achieve this ?
  When trying to add another "machine" (comparable to "CNAME" ?), server admin requires me to use a different IP address (it won't let me save two machines for one zone with the same IP; see my previous inquiry, I created a machine for "www"). And I see no other way to do this (therefore it also seems not to be possible to create a sub-domain like meat.domain.com).
  Maybe someone can direct me to the right solution.
  It appears to me that Apple uses different terminology in their DNS system; at least although I'm a bit experienced with DNS, I totally hang here.
  I look forward your assistance
    Mac OS X (10.4.8)  

  Hi there,
  Have you seen or thought about using Tenon iTools?
  http://www.tenon.com/products/itools-osx/
  Seems like the way to go for virtual hosting on a mac.
  Aloha,
  Tony

• DNS Configuration for Exchange 2013

  I have a stand alone server 2012 with AD, DHCP, DNS and Exchange on it and started getting DDoS attacks
  I installed a firewall had to change the subnet of the server from 10.0.0.0/24 to 192.168.1.0/24 and after re-configuring the Servers IP, DHCP and DNS found that I had no incoming email. (invalid Security Certificate)
  I found that mail  traffic was directed to the Router instead of Exchange and being rejected with the routers security certificate. I have since fiddled with the DNS so many times I don't know what is right and wrong
  Anyone have any ideas where I have gone wrong  what is in the tables that shouldn't be there and what is missing.
  email address is user.mail.domain.com
  Geotrust SSL Security Certificate is mail.domain.com autodiscover.domain.com server01.domain.com
  **Forward lookup for domain.com
  Same as parent SOA
  [28]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent NS
  ns1.domain.com
  Same as parent NS
  ns2.domain.com
  Same as parent MX
  [10]mail.domain.com
  Same as parent MX
  [20]mail.domain.com
  server01 MX [10]mail.domain.com
  Same as parent HostA
  192.168.1.10
  Same as parent HostA
  139.130.XXX.YYY
  server01 HostA
  192.168.1.10
  mail HostA 192.168.1.10
  mail HostA 139.130.XXX.YYY
  localhost HostA
  127.0.0.0
  Properties SOA ns1.domain.com 139.130.XXX.YYY
  ns2.domain.com 139.130.XXX.YYY
  server01.domain.com 192.168.1.10
  **Forward lookup for mail.domain.com
  Same as parent SOA
  [1]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent HostA
  192.168.1.10
  Same as parent HostA
  139.130.XXX.YYY
  Properties of SOA server01.domain.com
  192.168.1.10
  **Reverse Lookup
  1.168.192.in-addr.arpa
  Same as parent SOA
  [1]server01.domain.com, hostmaster.domain.com
  Same as parent NS
  server01.domain.com
  Same as parent NS
  ns1.domain.com
  192.168.1.10 PTR
  domain.com
  192.168.1.10 PTR
  mail.domain.com
  OWA and Outlook 2013 work incoming and outgoing from within the subnet,  both internal emails and  external emails
  But users off site can't log in to outlook 2013 and get blocked with OWA  by invalid security certificate.
  **Testconnectivity.microsoft.com  results
  autodiscover failed
  resolved host domain.com successful with both correct IP addresses returned
  Port 443 open
  SSL Certificate incorrect it is the routers Certificate  not the Geotrust certificate.
  **This is the real issue, and I can't figure out why 
  Thanks Alan

  Thanks Luke
  Yes you are right , I get alternate WAN and LAN Ip addresses when I flushdns
  I suspected I had additional entries ans/or wrong entries in the DNS Zones
  i reformatted to show up in columns in the post
  I hope you can point out which are wrong
  **Forward lookup for domain.com
  Same as parent----- SOA----[28]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS -----server01.domain.com
  Same as parent----- NS -----ns1.domain.com
  Same as parent----- NS -----ns2.domain.com
  Same as parent----- MX -----[10]mail.domain.com
  Same as parent----- MX -----[20]mail.domain.com
  server01-------------- MX----- [10]mail.domain.com
  Same as parent----- HostA --192.168.1.10
  Same as parent----- HostA --139.130.XXX.YYY
  server01-------------- HostA --192.168.1.10
  mail --------------------HostA-- 192.168.1.10
  mail --------------------HostA-- 139.130.XXX.YYY
  localhost-------------- HostA --127.0.0.0
  Properties SOA --ns1.domain.com 139.130.XXX.YYY
  ----------------------ns2.domain.com 139.130.XXX.YYY
  ----------------------server01.domain.com 192.168.1.10 
  **Forward lookup for mail.domain.com
  Same as parent----- SOA------[1]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS--------server01.domain.com
  Same as parent -----HostA---192.168.1.10
  Same as parent -----HostA---139.130.XXX.YYY
  Properties of SOA server01.domain.com
  192.168.1.10
  **Reverse Lookup
  1.168.192.in-addr.arpa
  Same as parent----- SOA-----[1]server01.domain.com, hostmaster.domain.com
  Same as parent----- NS-------server01.domain.com
  Same as parent----- NS-------ns1.domain.com
  192.168.1.10-------- PTR------domain.com
  192.168.1.10-------- PTR------mail.domain.com
  do I need an autodiscover record?
  I setup 2 forward lookup zones  domain.com and mail.domain.com
  From memory the mail.domain.com was for external access but I don't think that was how it turned out
  Thanks

• DNS configuration in two-domain forests

  hi all,
  We have a forest with two separate domains.First of all we had domain A. When we added the first domain controller for the second domain (B), a trust relationship was established and look fine. but then we realised DNS configuration was not nice and
  some replication issues came out.
  What we have done is setting up domain B zone as a secondary Zone in domain A, and viceversa.
  We configured primary zones to be able to be transferred to the Domain controllers in the other domain and also configured notifications.
  Even with this configuration, some times we check zones and find it empty but a single.
  Does anyone one if our configuration is the right one for our infrastructure? I have been loking in the internet for a manual or a document  regarding DNS configuration for this infrastructure, but I could not find it, Do you know of any manual or document?
  Thank you very much
  kind regards.
  David.

  Hi David,
  First, make sure that the TCP and UDP port 53 is not blocked. To verify it a port is blocked, please use the portqry.
  To download portqry, please click the link below,
  PortQryUI - User Interface for the PortQry Command Line Port Scanner
  http://www.microsoft.com/en-hk/download/details.aspx?id=24009
  If the port is not blocked, please check the serial number of the zone in both of the primary and secondary server.
  If serial number is the same at both the source and destination servers, no zone transfer occurs between the servers.
  To resolve this issue, please follow the steps blow,
  After you increase the serial number at the master server to a higher value than is used currently at the secondary server, initiate zone transfer at the secondary server.
  Increase the value of the serial number for the zone at the master server (source) to a number greater than the value at the applicable secondary server (destination).
  Here is an article about how to troubleshoot zone issues, it may be helpful.
  http://technet.microsoft.com/en-us/library/cc731210.aspx
  Besides, instead of creating scondary zone, we can add conditional forwarder on the DNS server.
  To add conditional forwarder, please refer to the link below,
  http://technet.microsoft.com/en-us/library/cc794735(v=WS.10).aspx
  Best Regards.
  Steven Lee
  TechNet Community Support

• Running DNS service for SCAN in the openfiler VM

  Grid version     : 11.2.0.3
  Guest OS     : Oracle Enterprise Linux 6.3
  Host OS          : Windows 7 (64-bit ) with 16gb Physical RAM
  Hypervisor : Virtual Box 4.2.6
  Openfiler version : 2.99
  Using virtualBox, I am setting up a 2-node RAC node on Oracle Linux.
  I have a 3rd VM which runs openfiler ( NAS )
  For using SCAN feauture, I would like to run a DNS service as mentioned in the article below
  http://www.oracle-base.com/articles/linux/dns-configuration-for-scan.php
  I don't want to run the DNS service in any of the two RAC nodes. Instead of creating a separate VM just for the DNS , I am thinking of running it in the Openfiler VM.
  Openfiler is running in a Linux Distro called rPath. I am not sure if the packages mentioned in the above oracle-base.com article is available in this distro. Has anyone run a similair DNS service in the Openfiler OS ?

  I doubt it.  OpenFiler is a "stripped-down" OS.
  But Wait ! A Google search returned this : http://www.denbraber.org/?p=4
  Hemant K Chitale
  Edited by: Hemant K Chitale on Apr 22, 2013 5:10 PM

• GSS as primary DNS Server for Intranet

  Hi,
  Can the GSS be used as a as primary DNS server for Intranet? An additional DNS server can be configured to answer the unknown Records like MX by GSS.
  if it can be configured, I would be thankful if anyone shares with me the brief configuration steps Apart from configuring Answers, answer groups, domain lists, source address lists, DNS rules.
  with thanks
  sathappan

  Yeah I'd certainly recommend against it! So essentially the client machines are unable to update or query dynamic AD related DNS records since they're not pointing to the DNS servers actually used by your AD server(s). I could well imagine that causing
  issues, and meaning that some AD functionality won't work correctly.
  I know you can directly integrate BIND with AD, eg so that the BIND servers are the ones used by AD, though I haven't tried it, but this seems to be neither.
  I can't find any articles relating to your exact situation, presumably no one else has tried to use such a mixed and disjoined setup. I'd focus on looking for articles relating to why you shouldn't point your users at a router (most commonly in small setups
  on ADSL) for the DNS rather than directing them to the server for DNS and then having that query the router for external results. It's a more common scenario and you're more likely to find articles relating to it.
  One article you might find useful is
  http://msmvps.com/blogs/acefekay/archive/2009/08/17/ad-and-its-reliance-on-dns.aspx which talks in terms of using your ISP's DNS servers on the client machines, but in your situation it sounds like the BIND servers are essentially providing an equivalent
  setup.
  There's also various discussions and comments on the topic elsewhere on these forums, for instance
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/c3ba3859-765e-4b3f-add0-eaf2c18e1068/i-have-dns-in-a-router-and-i-want-to-install-domain-controller?forum=winservergen and
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/b5df8fd4-7ab2-4d1e-afe2-c5263c4d69c3/dns-server-forwarding-and-clients-getting-address-of-registrars-ip?forum=winserverNIS which are worth checking out.

• Proper Configuration of DNS server for our new branch office

  Hi All,
  Our new office will setup a new branch office with a routed network link to our HO. In HO, we have 2 domain controllers configured as AD and DNS just for fail over scenarios.
  How will we configure the DNS server of our 3rd domain controller which we will placed in the new branch office. What would be the proper settings of DNS server integrated to AD to work well especially to have a successful replication and communication to
  the 2 DC's located in HO?

  Hi,
  If you have multiple DC's in that site i would recommend using any of the partner DC's IP addresses as preferred one and secondary DNS IP to pointing to itself. Dont use loopback addresses configure it with actual IP addresses.
  If you have only one server in branch office point itself as the primary DNS and HO DC as secondary and tertiary.
  Make sure that all clients in your branch site are pointing to the branch DC as primary DNS server.
  Regards,
  Rafic
  If you found this post helpful, please give it a "Helpful" vote.
  If it answered your question, remember to mark it as an "Answer".
  This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing!

• #554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop ##

  Hi,
  This is my first post here. 
  My exchange server of late is facing a peculiar problem. I get the error message that I have posted below when sending mails to any outside domain. However when I restart the server the mails can be resend to the address without any issue. After a certain
  time again the issue pops up upon which I am forced to restart the server again. I am running 2007 Exchange on Windows 2003.
  Generating server: name.mydomain.com
  [email protected]
  #554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop ##
  [email protected]
  #554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop ##
  Original message headers:
  Received: from name.mydomain.com ([1xx.xxx.xxx.xx5]) by MHDMAILS.mouwasat.com
   ([1xx.xxx.xxx.xx5]) with mapi; Wed, 19 Oct 2011 08:56:29 +0300
  From:  <[email protected]>
  To: <[email protected]>
  CC: "Al Alami,Tareq" <[email protected]>
  Date: Wed, 19 Oct 2011 08:56:27 +0300
  Subject: RE:   
  Thread-Topic:   
  Thread-Index: AcyAQ5tu8z9CvBfdT5+1pcGQkk6x0AIuwczAAAGZjeABQyW5sAADeeJQAAETNDA=
  Message-ID: <[email protected]>
  References: <[email protected]com>
   <[email protected]com>
  Accept-Language: en-US
  Content-Language: en-US
  X-MS-Has-Attach: yes
  X-MS-TNEF-Correlator:
  acceptlanguage: en-US
  Content-Type: multipart/related;
              boundary="_004_EEC8FA6B3B286A4E90D709FECDF51AA06C0588CA11namedomain_";
              type="multipart/alternative"
  MIME-Version: 1.0

  On Sun, 23 Oct 2011 15:05:15 +0000, Jobin Jacob wrote:
  >
  >
  >Even af
  >
  >ter removing my domain from the send connector I continue to receive the error. I would like to say I do have a firewall, Cyberoam. However, it was the same configuration till now in the firewall. I did try Mx lookup and found the following.
  >
  >Could there be any other solution to this issue ?
  Sure, but it's necessary to ask a lot of questions since none of us
  know how your organization is set up.
  I see you also have "Use the External DNS Lookup settings on the
  transport server" box checked. How have you configured the "External
  DNS Lookups" on the HT server's property page? Is there any good
  reason why you aren't just using your internal DNS servers? If the
  internal DNS servers are configured to resolve (or forward) queries
  for "external" domains then there's no reason to use that checkbox. In
  most cases checking that box is a mistake.
  http://technet.microsoft.com/en-us/library/aa997166(EXCHG.80).aspx
  The behavior you describe (it works for a while and then fails;
  restarting the server returns it to a working state) sure sounds like
  some sort of DNS problem.
  Rich Matheisen
  MCSE+I, Exchange MVP
  --- Rich Matheisen MCSE+I, Exchange MVP

• Support for IPv6 Router Advertisement Option for DNS Configuration RFC 5006

  Hi everyone, do you know that whether Cisco routers support “IPv6 Router Advertisement Option for DNS Configuration RFC 5006” currently, is there any roadmap for this support? Thanks for your help!

  No, this is not currently supported, and the last I heard, there is no roadmap for this until it becomes a standard (as opposed to being experimental).

• I need help with proper DNS setup for 10.5.8 Server

  I'm administering a 10.5.8 server that I sold and setup about a year ago. I'm experiencing issues with getting iCal server to be happy. All of the clients are running 10.5.8, but I'm running 10.6.1. I've heard from others that connecting iCal in 10.6 to a 10.5 iCal Server should be no problem.
  I'm beginning to think that I have DNS issues. Probably because I'm not and never have been 100% certain how to set it up completely correctly. I used to be able to get Kerberos tickets, but now I can't. With the new "Ticket Viewer" in 10.6, it asks for two bits of information. First is "Identity" where I'm guessing I should put [email protected] and then password. When I do this I get an alert dialog that says "Kerberos Error -- cannot resolve network address for KDC in realm example.com"
  The server is a Mac Pro tower with two Ethernet ports. En2 is connected directly to the Internet and has a static IP with a domain name assigned to it. We'll call it "example.com" for the purposes of the discussion. The En1 is connected to the network switch and has a static LAN IP of 192.168.1.250. All clients inside and outside are able to reach the server via domain name for WWW & AFP, no problem.
  nslookup on the static IP address returns "example.com" and nslookup on "example.com" returns the correct static IP address. Open Directory is running and happy including Kerberos. The LDAP search base is "dc=example,dc=com". The LDAP search base is a concept I haven't quite grasped, so I'm just going to assume it's correct.
  The domain name is hosted outside by a service provider that forwards all "example.com" requests to the server with the exception of mail.
  In DNS, I have three "sections" that look like this:
  Name Type Value
  1.168.192.in-addr.arpa. Reverse Zone -
  192.168.1.250 Reverse Mapping example.com.
  000.000.00.in-addr.arpa. Reverse Zone -
  000.000.000.000 Reverse Mapping example.com.
  com. Primary Zone -
  mail.example.com. Alias mail.our-email-isp.com.
  example.com. Machine Multiple values
  www.example.com. Machine Multiple values
  NOTE: the zeros aren't actually zeros, they are the static IP assigned to the server/domain
  When I select the top element "1.168.192.in-addr.arpa." down below "Allows zone transfer" is NOT checked. Nameservers shows the zone as "1.168.192.in-addr.arpa." and the Nameserver Hostname as "ns.example.com."
  When I select the next line down "192.168.1.250", Resolve 192.168.1.250 to: example.com.
  When I select the "000.000.00.in-addr.arpa." element, it has the same settings -- nameservers "000.000.00.in-addr.arpa." and "ns.example.com."
  When I select the next line down (our static IP), Resolve 000.000.000.000 to: example.com.
  When I select "com." the admin email is populated with a valid email address, Allows zone transfer is NOT checked. In nameservers, Zone is "com." and Nameserver Hostname is "example.com." The mail exchangers are mail2.our-email-isp.com. priority 10 and mail.our-email-isp.com. and priority 20.
  When I select the machine "example.com." it shows both the real-world static IP and the 192.168.1.250, same with "www.example.com.".
  Am I doing something wrong with this setup? Should "com." be the primary zone or should that be "example.com." ???
  I've been thinking about getting rid of the DNS entry for the 192.168.1.250 address altogether, but will the clients in the office suffer performance issues??? I do not think that the client workstations are configured to get DNS from the server anyway. Should the "www.example.com." record be a Machine record or should it be an alias record?
  Any help you have to offer is greatly appreciated! Thanks!
  In the meantime, I'm going to look around and see if I can understand "Allows zone transfer" and LDAP Search base a bit better.

  Okay, I found a lovely article at the following address which I think helps me to clarify what I'm doing wrong. Despite that, I'd still like to have any feedback you have to offer.
  http://www.makemacwork.com/configure-internal-dns-1.htm
  Also, when editing DNS entries, Server Admin likes to set the nameserver to "ns." -- whatever your domain is. Should I be overriding that and if so, replace it with what?

• DNS configuration

  Hi All
  This may be a silly question so please forgive me, I haven't set-up a DNS in a while and I know I have forgotten something simple in my configuration.
  I have set up an Xserver 10.5.6 with a fully qualified domain name for example:
  mydomain.com
  machine name: ho.mydomain.com
  For some reason I am unable to access the external hosted web site without www (https://mydomain.com) on the internal network.
  From out side I can access the external hosted site with or without www, so my external hosting configuration is correct.
  What simple thing have i missed in DNS configuration my configuration?
  Primary Domain:
  mydomain.com
  www. machine (external ip address of web host)
  ho machine (server ip address)
  Please help, what have I forgotten to do?

  Hi,
  I think you want to replace
  www. machine (external ip address of web host)
  with
  A record mydomain.com -> external IP
  This sends an external request outside and comes back in;
  that way you can reach either www.mydomain.com or mydomain.com
  Ensure you have an alias record in the website setup for the www.
  HTH,
  Harry

• Externally Hosted DNS - How do I set up my 2003 DNS server for sub domain to point to internal IP address??

  I have a domain name(domain.com) DNS hosted at my ISP. I also have 3 sub domains DNS hosted at the same ISP pointing to various external ip addresses (mail.domain.com, vpn.domain.com and ts.domain.com). We want to set up sales.domain.com to point to an
  internal 10. IP address. We have AD integrated DNS servers for our 2003 AD domain. The AD domain name is totally different than the hosted domain name in question. I currently edit the host file for a couple of PC's but this isnt practical company wide so
  I want to add entries on our internal AD DNS servers to resolve the locally hosted site. If i recall, someone once told me that you cannot just put an A record for one sub domain, I would have to have entries on my 2003 DNS server to resolve anything related
  to the domain.com name. Is this accurate? If so, what is the proper way to configure my 2003 AD DNS server to resolve anything domain.com related for my internal users while still allowing my ISP to do the DNS lookup for the internet.

  On my 2003 AD integrated DNS server...i rightclick forward lookup zone and choose...new zone..primary zone (store zone in AD checkbox checked)..i chose to all DNS servers in the AD domain for replication...zone name sales.domain.com....allow secure updates
  option....then i added an A record in that zone...sales.domain.com..pointed that towards my internal 10. IP address...is this correct? It seems to be working correctly for the sales.domain.com DNS record...and i tested the other sub domains...and those look
  like they are going to my ISP for DNS resolution...
  Is this the correct procedure? I did this on a test AD domain and not my production...i want to make sure i dont break everything under the domain.com by incorrectly adding 1 sub domain..

• Mail server and DNS configuration

  I have an XServe G4 running Mac OS X 10.4 Tiger Server, and I have successfully configured two domains that I purchased from GoDaddy as websites on this XServe. It's behind an Airport Extreme, and I have forwarded a bunch of ports in order to enable FTP, SSH, Web, remote Server Administration, webmail, and I have also forwarded the IMAP and SMTP ports. All of these services work except for email, so I am wondering if there is any special DNS settings that I need to configure in the GoDaddy total dns configuration page. I have the MX record pointed directly to my IP, just like the A record. I also have mail.mydomain.com pointed to the A record's IP (maybe I described that poorly, but I hope it gets the point across). I am able to log into webmail and send email out to other people, but when I try replying back to the email which I sent from webmail, I get a bounced message. I also cannot configure a Mail client, but I think I need to get the accounts at least working first. Can someone provide a list of DNS requirements or server configuration requirements for me to check off in order to make this happen? Does anyone know of any great resources to learn this kind of stuff? I'm kinda new to the server thing.
  Thanks!
  Paul

  postconf -n results:
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  html_directory = no
  inet_interfaces = localhost
  mail_owner = postfix
  mailboxsizelimit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mydestination = $myhostname,localhost.$mydomain,localhost,rubenkalath.com
  mydomain = rubenkalath.com
  mydomain_fallback = localhost
  myhostname = mail.rubenkalath.com
  mynetworks = 127.0.0.0/8
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdtls_certfile = /etc/certificates/Default.crt
  smtpdtls_keyfile = /etc/certificates/Default.key
  smtpdusetls = no
  unknownlocal_recipient_rejectcode = 550
  virtualmailboxdomains = hash:/etc/postfix/virtual_domains
  virtual_transport = lmtp:unix:/var/imap/socket/lmtp
  ps U _postfix results:
  ps: _postfix: no such user
  tail -20 /var/log/mail.log results:
  May 15 15:55:27 sincity postfix/cleanup[1257]: 765DC4517A: message-id=<[email protected]>
  May 15 15:55:27 sincity postfix/qmgr[1239]: 765DC4517A: from=<[email protected]>, size=881, nrcpt=1 (queue active)
  May 15 15:55:27 sincity postfix/smtpd[1254]: disconnect from localhost[127.0.0.1]
  May 15 15:55:27 sincity postfix/pipe[1259]: 765DC4517A: to=<[email protected]>, relay=cyrus, delay=0, status=sent (mail.rubenkalath.com)
  May 15 15:55:27 sincity postfix/qmgr[1239]: 765DC4517A: removed
  May 15 15:58:09 sincity postfix/smtpd[1338]: connect from localhost[127.0.0.1]
  May 15 15:58:13 sincity postfix/smtpd[1338]: lost connection after CONNECT from localhost[127.0.0.1]
  May 15 15:58:13 sincity postfix/smtpd[1338]: disconnect from localhost[127.0.0.1]
  May 15 16:06:09 sincity postfix/postfix-script: refreshing the Postfix mail system
  May 15 16:06:09 sincity postfix/master[590]: reload configuration
  May 15 16:12:48 sincity postfix/smtpd[1709]: connect from localhost[127.0.0.1]
  May 15 16:12:54 sincity postfix/smtpd[1709]: lost connection after CONNECT from localhost[127.0.0.1]
  May 15 16:12:54 sincity postfix/smtpd[1709]: disconnect from localhost[127.0.0.1]
  May 15 16:28:58 sincity postfix/smtpd[2068]: connect from localhost[127.0.0.1]
  May 15 16:28:58 sincity postfix/smtpd[2068]: 1FA354537C: client=localhost[127.0.0.1]
  May 15 16:28:58 sincity postfix/cleanup[2071]: 1FA354537C: message-id=<[email protected]>
  May 15 16:28:58 sincity postfix/qmgr[1530]: 1FA354537C: from=<[email protected]>, size=776, nrcpt=1 (queue active)
  May 15 16:28:58 sincity postfix/smtpd[2068]: disconnect from localhost[127.0.0.1]
  May 15 16:29:02 sincity postfix/smtp[2072]: 1FA354537C: to=<[email protected]>, relay=mercury.gatech.edu[130.207.192.26], delay=4, status=sent (250 Ok: queued as 67542CDF86)