DNS Setting for internal sites

Similar Messages

• I don't want to have to ZOOM every site i visit, how do i save my zoom setting for all sites?

  i don't want to have to ZOOM every site i visit, how do i save my zoom setting for all sites?

  ''how do i save my zoom setting for all sites? not for each site I visit''
  That would be be impossible unless you did away entirely with page formatting entirely. Each author may have their own idea of what you should be seeing and how you are to see it. By site which is the default is about the best that you can do.
  If you have a serious problem you could change the resolution of your display, but it had better be a very large monitor.
  '''NoSquint''', adjust the text-only and full-page (both text and images) zoom levels as well as color settings both globally (for all sites) and per site. Toolbar buttons, percent displays on status bar.
  * https://addons.mozilla.org/firefox/addon/2592
  '''Zoom text of web pages'''
  * http://kb.mozillazine.org/Zoom_text_of_web_pages
  <br><small>Please mark "Solved" one answer that will best help others with a similar problem -- hope this was it.</small>

• How to drop DNS requests for banned sites?

  Hi
  I'm looking to create a number of signatures to drop DNS requests for banned sites, the only way I've successfully implemented this is creating a signature (string UDP), to drop any UDP/53 traffic containing the regex string of banned site.
  I would like clarification from any experts to verify that this is the only way of acheiving this, I know that there's a Service DNS Engine, but I can't seem to specify the FQDN within this. I'm not sure if I'm missing something?
  Many thanks

  You're on the right track. A custom UDP signature is the only way you'll find the requests you want to drop.
  The DNS engine does not allow for custom string matches.
  - Bob

• Structure Suggestions for International Sites

  The current CQ implementation suggests that you lay out international sites by language.
  So you have your main site foo and beneath it would be en, de, es to represent all the different languages that the site would be in. Once you really start to get international this structure starts to fall apart. Spanish in Spain is different then the Spanish in Mexico and the French in Africa is different then the French spoken in Canada.
  So we are considering a structure as follows:
  content/foo
  ca
  en
  fr
  mxes
  eses
  Any feedback from others over their implementations, pro's and con's would be appreciated.
  -jason

  Hi Jason,
  you can name the site whatever you want. To my knowledge importat thing in terms of multi-language support is the site language specified in properties. You may not see the difference in built-in languages (de, fr, es, ...) but once you try to switch to something that is not there out of the box and use the translator to manage keywords you will see the difference. If you have issues with EN-UK and US and others I would go with structure that Rudy pointed out
  /Site
       /English(US)
       /English(Canada)
  and it is up to you if you use short iso codes or longer description. Just make sure that you specify the site language in site properties (advanced tab)
  Hope this helps a little.
  Jan

• AD & DNS setting for Hub and spoke network

  Hi,
  We have multiple sites connectd through VPN (Hub and spoke network). Following is the site information
  Head Office (DC) ----- contoso.com ------ 192.168.100.2
  Site1 (ADC) ----- site1.contoso.com ------192.168.101.2
  Site2(RODC)----contoso.com ------192.168.102.2
  Site3(ADC)-----contoso.com ------- 192.168.103.2
  site4(ADC)-----site4.contoso.com-----192.168.104.2
  site5(ADC)-----contoso.com -------192.168.105.2
  i am trying to ping DC (contoso.com) from site4 & site site1 sometimes it's getting reply from site5 and site3 not from HO.
  How can i configure all request go to HO (192.168.100.2).
  for any other information please ask me.
  Regards,
  Kumar

  Hello,
  do you ping the domain name or the DC name? If domain name, what you see is normal, a DC will be chosen via DNS round robin and NOT a DC in that site.
  Also assure that you have configured AD sites and services according to
  http://technet.microsoft.com/en-us/library/cc730868.aspx
  http://technet.microsoft.com/en-us/library/cc755768.aspx
  http://blogs.technet.com/b/askds/archive/2011/04/29/sites-sites-everywhere.aspx
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://blogs.msmvps.com/MWeber
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
  Twitter:  

• Discover DNS setting for all client PC's in my local LAN

  I've done a fairly exhaustive search for an answer, but it seems there should be a way to discover the DNS IP address used in all of my PC's connected to my LAN/Domain.
  We recently upgraded the server the hosts the DA and the DNS which now have a different IP address. We use a hardcoded DNS server address (which will soon change) so I had to go to each PC on our network and change each computers DNS address. I think I changed
  them all, but I can't be 100% sure unless I go thru all of the PC's again.
  I'm hoping there is an easier way other than waiting for a user to complain about not being able to access local resources.
   

  Hi,
  Yes, like arnavsharma said, if you have DHCP server, you could get it once for all. 
  if no, you need alter it one by one.
  Alternative, you could use GPO to push the ipconfig /registerdns command to update.
  If anyone still look for old IP, on an individual workstation you would use the command
  ipconfig /flushdns to empty the cache and force fresh DNS lookups.
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Revenue account setting for internal billing

  Hello All,
  We are facing a requirement to post the different Revenue account in case that the billing is inter-office billing.
  Below is the detail requirement:
  <Business pattern>
  1. Inter-office billing related with Sales Order
  2. Inter-office billing related with PO
  3. Non Inter-office billing related with Sales Order
  4. Non Inter-office billing related with PO
  <Requirement>
  -User request us to post different revenue account by each pattern.
  <Current setting>
  -Different billing types are used in each pattern.
  -1&2 is posted with same customer master.
  -In Trcd: VKOA, Table 0003 (Material Grp/Acct Key) is used. However, business pattern 1&2 cannot be specified by material master.
  -Account key is only 2 (KOFI and KOFK)
  If you have any idea for this your advice would be really appriciated.
  Thanks and Best Regards,
  Satoe

  Hi
  Please, see note 1172799 - New version of Best Practices for revenue recognition
  Regards
  Eduardo

• External DNS zone on Internal DNS servers

  We currently have a 2 domain forest with DNS running on all domain controllers. All domain controllers are 2012 or 2012 R2 and our Domain and forest functional level is set at 2008 R2 due to the existence of an exchange 2003 server which wont be retired
  for several months. We have 2 DNS servers in the root domain and 4 DNS servers in the child domain. This is a centralized DNS setup. Our parent domain is DOMAIN.LOCAL and the child domain is XX.DOMAIN.LOCAL. Externally, our DNS is MYDOMAIN.com. we
  do not have a public facing DNS server and our DNS records are hosted by a 3rd party
  We want to add the MYDOMAIN.COM DNS zone internally (AD Integrated) since we have several instances where applications do not really work well with the XX.DOMAIN.LOCAL DNS. We want this zone to host several DNS records for internal resolution
  only since we do not have any public facing applications or web servers such as SharePoint etc.
  My question(s) is this?
  How is the best way to do this and how will it affect the zones we currently have in place.
  Is it as simple as creating a new forward lookup zone, adding static records?
  How do we (or do we) handle delegation?
  Any information or suggestions to get me started would be greatly appreciated.
  Russ

  Hi,
  I’m not quite understand your question, do you want to create a new primary DNS zone on your current DNS server? If so, you
  just need to create a new primary, you can create the additional primary DNS zone.
  The related KB:
  Configuring a new primary server
  http://technet.microsoft.com/en-us/library/cc776365(v=ws.10).aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Revert my allowing smtp sasl for external site

  Our version is 6.3
  Previously we've set the smtp relaying from outside if they could authenticate
  the tcp_auth channel was set as follows:
  tcp_auth smtp mx single_sys mustsaslserver missingrecipientpolicy 4
  and the tcp_local like this:
  tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric sub
  dirs 20 maxjobs 7 pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel
  tcp_auth missingrecipientpolicy 0 loopcheck
  Now we want to disable smtp connection from outside (to prevent mail relaying cos someone might
  guess the password of some users) even with authentication
  I tried to change the tcp_auth
  to look like this
  tcp_auth smtp mx single_sys nosasl nosaslserver missingrecipientpolicy 4
  But this didn't work for me ( I tried from outside site to send mail using smtp authentication
  and still I was allowed)
  Could someone enlighten me on how to take off smtp auth altogether
  (I could even take off for internal site as well)
  Thanks in advance

  You don't really want to "disable smtp connection from outside", do you? That would mean not receiving any mail from outside.
  If you just want to disable SMTP authentication from the outside, then remove "maysaslserver" and "saslswitchchannel tcp_auth" from the tcp_local channel. Those are how SMTP connections coming from outside are allowed to authenticate and then switched to be coming from the tcp_auth channel instead of tcp_local.
  You probably have the same issue with the tcp_submit channel, which would normally be messages coming in on port 587. But removing those from the tcp_submit channel would also mean your local users cannot authenticate. Alternatively, you could use your firewall to block connections to port 587 from outside or accomplish similar with the PORT_ACCESS mapping table.
  But I really question the wisdom of this whole line of thought. SMTP authentication is a good thing. It improves your overall security. Of course if users have easily guessable passwords, that is a password policy issue.

• Externally Hosted DNS - How do I set up my 2003 DNS server for sub domain to point to internal IP address??

  I have a domain name(domain.com) DNS hosted at my ISP. I also have 3 sub domains DNS hosted at the same ISP pointing to various external ip addresses (mail.domain.com, vpn.domain.com and ts.domain.com). We want to set up sales.domain.com to point to an
  internal 10. IP address. We have AD integrated DNS servers for our 2003 AD domain. The AD domain name is totally different than the hosted domain name in question. I currently edit the host file for a couple of PC's but this isnt practical company wide so
  I want to add entries on our internal AD DNS servers to resolve the locally hosted site. If i recall, someone once told me that you cannot just put an A record for one sub domain, I would have to have entries on my 2003 DNS server to resolve anything related
  to the domain.com name. Is this accurate? If so, what is the proper way to configure my 2003 AD DNS server to resolve anything domain.com related for my internal users while still allowing my ISP to do the DNS lookup for the internet.

  On my 2003 AD integrated DNS server...i rightclick forward lookup zone and choose...new zone..primary zone (store zone in AD checkbox checked)..i chose to all DNS servers in the AD domain for replication...zone name sales.domain.com....allow secure updates
  option....then i added an A record in that zone...sales.domain.com..pointed that towards my internal 10. IP address...is this correct? It seems to be working correctly for the sales.domain.com DNS record...and i tested the other sub domains...and those look
  like they are going to my ISP for DNS resolution...
  Is this the correct procedure? I did this on a test AD domain and not my production...i want to make sure i dont break everything under the domain.com by incorrectly adding 1 sub domain..

• Is anyone set up to use anycast for internal DNS?

  Good Afternoon,
  I've been considering using Anycast to provide some redundancy for internal DNS lookups. Configuring DNS and subsequent slave zones in Leopard is easy enough and as I understand it, Anycast is just a way of configuring routers so that one IP address can resolve to many different machines.
  I see some of the benefits of using Anycast in that we can have the same 2 dns ip addresses in perpetuity and that as long as one node is up, people will be able to get out.
  So my question to you guys: Has anyone done this? If so, is there anything I need to look out for before I start? Is there something you wish you'd known before you started down this path.
  I'd love to hear your experiences and read any documentation you might have kept. I thought Mr Hoffman's write up on his DNS services was really excellent btw.
  Cheers,
  dave

  Do you have a particularly large infrastructure?
  IP Anycast is usually implemented via BGP announcements from your router(s), with each router using the BGP tables to determine the 'best' server to use. If you're doing this for internal DNS then that assumes you're already running IBGP.
  Even then, BGP is a pretty dumb protocol - all it does is say 'hey, here's how to get to a.b.c.d IP address'. It has no idea whether the specific server/service you're after is available at that address.
  In other words, even if you setup IP Anycast via IBGP you'll still have clients routing to a dead server unless you can somehow update your BGP tables when a server goes down. Not a trivial task for most routers.
  It sounds like what you really want is more load balancing than IP Anycast. There are numerous load balancers than can do this. Another option (if your DNS servers are physically close) is to use some kind of failover process so that the second server assumes the role (and IP address) of the first server should it fail (and vice versa). That option is built-in to Mac OS X Server (although it takes a little command-line jiggling to get it working).
  Then again, the whole point of defining multiple DNS servers on the client is that the client will automatically fail over to alternate servers if it doesn't get a response from the first - in other words, the clients already have built-in failover for DNS (although the user will notice lookup delays when the primary server is offline).

• DNS for internal servers

  Okay, this should be simple, and maybe I'm just missing something.
  I've recently had to move from a 10.3.9 server to a 10.4.10 server. We have 2 servers in-house, the main one that runs DHCP/DNS/Mail, and a second one which does file service.
  Reference info:
  File Server - 192.168.2.105
  Mail Server - 192.168.2.99
  The mail server his handing out DHCP, with the following DNS entries:
  1st - 192.168.2.99
  2nd - 151.164.8.201
  3rd - 151.164.1.8
  The mail server had DNS turned up and has 1 primary zone: mail.kccompany.org at 192.168.2.99
  Under that it has 3 machines setup under that zone:
  fs - 192.168.2.105
  mail - 192.168.2.99
  www - 64.207.xxx.xxx
  Now, here's my problem: When my users try to lookup mail.kccompany.org, they get the external 216.xxx.xxx.xxx address, and not the internal 192.168.2.99 address. I have some mobile users who would like to use and access email from home. I have SMTP authentication working, but when they're inside the network, mail.kccompany.org doesn't translate to the internal address like it should. Am I missing something?
  DHCP leases are set for 8 hours. I have been working on this for a week, so they should have updated info. And doing a lookupd -flushdns doesn't seem to effect the issue.
  Any help would be greatly appreciated! Thanks.
  PowerBook G4 17   Mac OS X (10.4.10)   1.5G RAM

  As requested:
  // Include keys file
  include "/etc/rndc.key";
  // Declares control channels to be used by the rndc utility.
  // It is recommended that 127.0.0.1 be the only address used.
  // This also allows non-privileged users on the local host to manage
  // your name server.
  // Default controls
  controls {
  inet 127.0.0.1 port 54 allow {any;} keys {
  "rndc-key";
  options {
  directory "/var/named";
  recursion false;
  * If there is a firewall between you and nameservers you want
  * to talk to, you might need to uncomment the query-source
  * directive below. Previous versions of BIND always asked
  * questions using port 53, but BIND 8.1 uses an unprivileged
  * port by default.
  // query-source address * port 53;
  // # Adding this...
  forwarders {
  151.164.8.201;
  151.164.1.8;
  forward first;
  // # to here..
  // a caching only nameserver config
  zone "." IN {
  type hint;
  file "named.ca";
  zone "localhost" IN {
  type master;
  file "localhost.zone";
  allow-update { none; };
  zone "0.0.127.in-addr.arpa" IN {
  type master;
  file "named.local";
  zone "" IN {
  file ".bak";
  masters {
  type slave;
  zone "kccompany.org" in {
  file "kccompany.org.zone";
  type master;
  zone "200.168.192.in-addr.arpa" IN {
  file "db.192.168.200";
  type master;
  zone "xxx.207.64.in-addr.arpa" IN {
  file "db.64.207.xxx";
  type master;
  logging {
  category default {
  defaultlog;
  channel defaultlog {
  file "/Library/Logs/named.log";
  severity info;
  print-time yes;
  };

• Source system set up for internal / external access

  Hi all.
  We have an EP 6.0 (NW04 SP16) system delivering BW data from a back-end BW 3.1/3.2 system.  We are using BW Report iViews to deliver all reports to external and internal users.  I am having a very specific problem when setting up the source system for the BW system.
  The BW Report iView object uses the WAS hostname parameter(found under: System Administration -> System Configuration -> Systems -> BWSourceSystem -> Open ->Object -> "Web Application Server (WAS)") when retrieving the back-end BW report. 
  When this parameter is set using an internal host id (internal_host.company.com) internal users can access the report in question, but external users can't.  Alternatively, when this parameter is set using an external host id (ie. the host of our DMZ proxy server) external users can access the report, but internal users can't.
  I need to find a way to use one hostname for this parameter that will work for both internal and external users.  I have worked with the HTTPURLLOC table and this solution works great for URL iViews, but not for BW Report iViews.  Does anyone have any suggestions?  Thanks!

  Hi Shashi.
  We did find a solution using web dispatcher.  We actually installed two instances of web dispatcher... one in our DMZ for external access and another one our corporate LAN.  The web dispatchers are configured identically and the EP instance knows only one hostname:
  name.company.com
  The port passed to the URL https://name.company.com:port is what tells web dispatcher what to do with the request (ie. pass the request to EP, BW, ECC, R/3, etc.).
  Be aware that EP allows for only one hostname for Source System Setup - my name.company.com in my example above -(this is the EP Web Application Server hostname (WAS) parameter found under System Admin - System Config - Systems) - so you may need to do something like we did:
  register name.company.com on the internet as a public address and use that DNS mapping for external users (using your DMZ version of webdispatcher).  Subsequently, use internal DNS or host name mapping to register an internal private addresss for name.company.com (using your LAN version of web dispatcher).  this will allow both internal / external users access to the portal and other SAP back-end systems.
  It may sound a bit kludgy, but believe me - we tried everything to make this work.  I took this all of the way to SAP and this was the recommendation SAP made for allowing both internal and external users access to portal and BW data.
  Hope this helps!

• Exchange 2013 DNS for internal and external domain

  Hi All,
  I have been assigned a task to implement Microsoft Exchange Server 2013. I need some help in setting up DNS namespaces and design a strategy to have same internal and external names. Let me share some details here.
  We have an Active Directory domain myinternaldomain.net, and we have a public domain
  mypublicdomain.com and we have setup email policy to have
  mypublicdomain.com as the SMTP domain for all the users. We have created another DNS zone in Active directory integrated DNS and created a records for
  mail.mypublicdomain.com and autodiscover.mypublicdomain.com which will point to CAS NLB IP. We have 2 CAS servers and 2 MBX servers, we have configured DAG for MBX High availability and planning to implement WNLB for CAS as
  hardware LB is out of scope due to budget constrains.
  We want to have same URLs for OWA, Autodiscover, ECP and other services from internal network as well as from public network. Users should not be bothered to remember two URLs, using one from internal and other from public networks. I also want to confirm
  that with this setup in place do i need to have myinternaldomain.net and server names in SAN certificate?
  Thanks

  Hi Sccmnb,
  You can easily achieve this using split DNS.
  Internal DNS hostname "mail.mypublicdomain.com" will be pointing to your internal CAS NLB IP and the external public DNS hostname"mail.mypublicdomain.com" will be pointing to the Network device or
  Reverse proxy server IP.
  Depending upon users access location(internal\external) the IPs would vary and they should be able to access the website with same name.
  The names that you would require on the certificate(Use EAC or powershell to raise the request) for client connectivity would be
  SN= mail.mypublicdomain.com
  SAN= autodiscover.mypublicdomain.com
  You don't need to have the active directory domain name present in the certificate.
  Additional  to this you need to update the AutodiscoverURI for all servers and OWA,ECP,Autodiscover Virtual Directories InternalURL and ExternalURL fields with appropiate public names.
  Some additional Info:
  *Internal vs. External Namespaces
  Since the release of Exchange 2007, the recommendation is to deploy a split-brain DNS infrastructure for the Internet-based client namespaces. A split-brain DNS infrastructure enables different IP addresses to be returned for a given namespace
  based on where the client resides – if the client is within the internal network, the IP address of the internal load balancer is returned; if the client is external, the IP address of the external gateway/firewall is returned.
  This approach simplifies the end-user experience – users only have to know a single namespace (e.g., mail.contoso.com) to access their data, regardless of where they are connecting. A split-brain DNS infrastructure, also simplifies the configuration of Client
  Access server virtual directories, as the InternalURL and ExternalURL values within the environment can be the same value.
  *Managing Certificates in Exchange Server 2013 (Part 2)
  *Nice step by step article
  Designing a simple namespace for Exchange 2013
  Regards,
  Satyajit
  Please“Vote As Helpful”
  if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

• Set alias URL for SharePoint site

  Hi,
  I want to set the SP site alias. my server name appearing http://dmfpqabudappcq2 and i want to change it to http://MySharePoint.
  I check the central admin - AAM - Edit alias url. I have updated there.
  Now, i am setting the new alias host in DNS. for this i have open the DNS - expands server name - Forward Lookup zone. When i go for right click then i can not see to add new alias and server IP there.
  Can anyone please tell what i am missing here to complete the setting for SharePoint alias. 
  Any help is much appreciated.
  Thanks, 
  Rakesh

  I've never trusted changing a Web App's URL. I always advise adding a new AAM for http://intranet etc. alongside your already existing server name.
  I would return the inital entry to as it was, then add a new AAM for your site.
  Now if i understand you correctly you haven't added an A host record for the AAM address to DNS yet? This is described here:
  http://technet.microsoft.com/en-us/library/cc779029%28v=ws.10%29.aspx
  Once you have an A host record you should be able to 'ping' that address from a client computer. You should also be able to browse the site from a client computer (assuming there's a site collection created for that web application).
  You will not however be able to browse it from your SharePoint server, this is because of the loop back check:
  http://www.harbar.net/archive/2009/07/02/disableloopbackcheck-amp-sharepoint-what-every-admin-and-developer-should-know.aspx