External DNS zone on Internal DNS servers

We currently have a 2 domain forest with DNS running on all domain controllers. All domain controllers are 2012 or 2012 R2 and our domain and forest functional level is set at 2008 R2 due to the existence of an Exchange 2003 server which won't be retired for several months. We have 2 DNS servers in the root domain and 4 DNS servers in the child domain. This is a centralized DNS setup. Our parent domain is DOMAIN.LOCAL and the child domain is XX.DOMAIN.LOCAL. Externally, our DNS is MYDOMAIN.com. We do not have a public facing DNS server and our DNS records are hosted by a 3rd party.
We want to add the MYDOMAIN.COM DNS zone internally (AD Integrated) since we have several instances where applications do not really work well with the XX.DOMAIN.LOCAL DNS. We want this zone to host several DNS records for internal resolution only since we do not have any public facing applications or web servers such as SharePoint etc.
My question(s) is this:
What is the best way to do this and how will it affect the zones we currently have in place?
Is it as simple as creating a new forward lookup zone, adding static records?
How do we (or do we) handle delegation?
Any information or suggestions to get me started would be greatly appreciated.
Russ

Hi,
I don't quite understand your question. Do you want to create a new primary DNS zone on your current DNS server? If so, you just need to create a new primary; you can create the additional primary DNS zone.
The related KB:
Configuring a new primary server
http://technet.microsoft.com/en-us/library/cc776365(v=ws.10).aspx
Hope this helps.

Similar Messages

  • Adding DNS zone

    Hi folks,
    I'm running a Mac mini with OS X Server 10.7.4 installed. Initially I set up a DNS zone for internal use only which was called myzone.lan. Now I wanted to set up a second zone for internal and external use called myzone.com. When I first added it in Server Admin the reverse mapping was created automatically. Because of a name mismatch I deleted my zone and the reverse lookup zones. Now if I try to add it once more the reverse mapping isn't created anymore. I'm only able to add the zone name and for example an A record which I called server.myzone.com. But the reverse lookup is always missing.
    What can i do?
    Greetz

    That's not really what I am looking for. I have a private DNS zone set up on my server and would like to point a different zone to a different server while still using the root hints that are built into the DNS server for everything else. Take a look at this http://images.apple.com/server/macosx/docs/NetworkServices_Adminv10.6.pdf
    and search for Forward Zones; it's on page 50.
    This doc talks about the ability to do what I am trying to do, just not how to do it.

  • DNS in DHCP Pool (Internal DNS issue)

    I know that we can setup multiple DNS server under DHCP pool. But I like to make sure the order.
    I have multiple branch offices.
    Let us say that Branch 1 office has a router with 10.30.1.1 as default gateway.
    Our internal DNS is 10.0.0.1 and 10.0.0.2 as Pri and Sec.
    My order of DNS server is like below.
    1. gateway
    2. internal DNS
    3. public DNS provided by ISP
    I saw couple of issues that when I put internal DNS first. Particular situation is when IPsec is not working, users could not access internet through domain name because they had internal DNS which is not reachable.
    But, when gateway is first order, I am not sure whether user are able to access internal website because gateway DNS doesn't have internal DNS records.
    So, my question is that. what should be the best order for DNS setup under DHCP among default gateway, internal DNS and public DNS?  Our current setup doesn't have even gateway address, it only has internal DNS addresses only.      
    ip dhcp pool ccp-pool1
    network 10.30.1.0 255.255.255.0
    domain-name test.org
    default-router 10.30.1.1
    netbios-name-server 10.30.1.1
    dns-server  10.30.1.1 10.0.0.1 10.0.0.2 24.25.5.60

    Thank you, Richard.
    You are right. When I setup router IP for DNS server in DHCP pool, it did not work.
    Let me ask regarding external DNS forwarding.
    I like to know the process of external DNS.
    User --> Internal website --> OK with internal DNS
    User --> External website --> Internal DNS forwarding to External DNS
    We have our own external DNS (ns), in this case, if external DNS (ns) is down, every branch users are not able to resolve any external IP because internal DNS can't get reply from external DNS?
    2nd question)
    IPsec is split-tunneled, but in this case, every DNS request goes internal DNS which is located in HQ and goes back through IPsec? Usually Split tunnel doesn't go internet traffic through IPsec but internet directly.
    3rd Question)
    what is for ip name-server x.x.x.x   when I setup ip name-server 8.8.8.8 and I tried to ping 8.8.8.8 from router, it didn't work. Am i missing something?
    https://supportforums.cisco.com/thread/230711
    Thanks for your time and knowledge.

  • DNS Forwarding Same Internal and External Zone

    Hi,
    So we have decided that we want our internal domain to be the same as our external domain e.g. domain.uk. I understand that split DNS can be used to fulfil this requirement but is it possible to set up a forward so if the DNS entry is not available in the internal zone it will forward onto one of our external name servers where it can resolve?
    We are basically trying to avoid having to add the entry on both external and internal DNS servers for it to resolve. So far I have added the external name servers to the forwarders and disabled root hints which didn’t work. I’ve tried to add a conditional forwarder but it says the zone already exists. It seems the only way to achieve the internal resolution is by creating the DNS entry both internally and externally.
    Does anyone know if this is the case? It seems strange that you couldn’t point the DNS to another external name server for resolution?
    Any help would be appreciated.

    You must ask in networking forum
    https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverNIS&filter=alltypes&sort=lastpostdesc

  • Dealing with resolving internal URLs externally in a non-split DNS scenario

    Hi all -
    I submitted this yesterday under a different banner but thought I'd try this forum as well.
    I have a client who wishes to have internal URLs resolvable from outside the network and they do not have split DNS.  The scenario is this:
    UserA sends a link to UserB in an email.  Internally the URL is MySIte.Acme.int.  UserB picks up the email on his mobile device whilst travelling and wants to gain access to it.  However the external namespace of the company is Acme.com.  Obviously the link will not resolve outside of the corporate network.
    So far I have received recommendations for using a VPN, however this is not an option for them.  In a past life I seem to recall something about alternate access mappings (or something like that) and wondered if this was the way to make the links resolvable. And, if so, if someone could point me to a good article on how to implement this it would be much appreciated.
    Alternatively I was wondering if there is some magic that can be done with URL rewrites or an edge device like UAG or TMG.
    Any guidance or suggestions would be greatly appreciated!
    Kind regards,
    Wren

    What I would do is create a new internal DNS zone named Acme.com, create an A record of "mysite" pointing to the IP currently used by mysite.acme.int, and then simply add AAMs (or better yet, replace AAMs as the AAM the user is coming in on is what will be reflected in that email).
    http://blogs.msdn.com/b/sharepoint_strategery/archive/2013/05/25/alternate-access-mappings-explained.aspx
    https://technet.microsoft.com/en-us/library/cc263208.aspx
    URLRewrite won't work because the Acme.int domain is not resolvable on the Public Internet.
    So the plan of action should be:
    Go to Central Admin -> Delete -> select Remove SharePoint from IIS Web Site, and then choose the option to Delete the IIS web site. Change the AAM for the Web Application under Application Management -> Configure Alternate Access Mappings. Click Edit Public URLs, choose the Web Application hosting mysite.acme.int, and then change the Default Zone AAM to https://mysite.acme.com. Go back to Manage Web Applications, highlight the Web Application (you'll see the new AAM reflected here), then click on Extend. Create a new IIS site, change the port number (likely 443) with the appropriate host header (mysite.acme.com), select Use SSL, then click OK.
    So a couple of caveats:
    1) All SharePoint servers hosting this Web Application must have the SSL certificate matching mysite.acme.com prior to re-extending it.
    2) If you have any hard coded URLs (e.g. to images) on any SharePoint site within mysite.acme.com, you'll break their links and you will need to manually reconfigure them.
    3) If you've made any manual changes to the web.config, you will need to recreate those changes. It might be a good idea to grab a copy of the web.config for that Web Application (IIS Site) before deleting the site.
    4) Use SSL! You do not want to send NTLM in the clear over the public Internet. It can be easily intercepted and decrypted.
    Hope that helps.
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • DNS resolution on Anyconnect - multiple different internal DNS servers

    All,
    We have multiple different internal Windows AD domains within our network, that currently do not replicate their DNS zones between them.
    Is there any way with an ASA/AnyConnect VPN to create a configuration so the ASA inspects the DNS lookups from a user connected via the AnyConnect VPN client, and routes it to a defined internal DNS server?
    For example I have three internal AD domains: site1.com with a DNS server IP of 1.1.1.1, site2.com 2.2.2.2, site3.com with a DNS server IP of 3.3.3.3. When a user VPNs in and performs a DNS lookup for the name server1.site1.com the ASA sees it is for site1.com and routes the lookup to 1.1.1., however when a user performs a DNS lookup for server1.site2.com, the ASA sees it is for site2.com and routes the DNS lookup to 2.2.2.2.
    Any thoughts on alternatives to overcome the problem are also welcome, and/or if anyone can point me to a link that explains the function of "multiple DNS server groups", which is located in the ASDM interface under Remote Access VPN->DNS (as I have not been able to find a plain English explanation of the function and I am unsure if this does what I am looking for).
    Thanks

    Hi Dominick,
    I have a solution for your problem. You will need to log into the CLI of the WSA and issue the following commands:
    s370r01.csw> dnsconfig
    Currently using the local DNS cache servers:
    1. Priority: 0  10.9.8.8
    Choose the operation you want to perform:
    - NEW - Add a new server.
    - EDIT - Edit a server.
    - DELETE - Remove a server.
    - SETUP - Configure general settings.
    - SEARCH - Configure DNS domain search list.
    []> localhosts <----- Hidden Command
    Local IP to Host mappings:
    Choose the operation you want to perform:
    - NEW - Add new local IP to host mapping.
    - DELETE - Delete an existing mapping.
    []> new
    Enter the IP address of the host you are adding.
    []> 10.1.1.1 < -------- IP of the M series
    Enter the canonical host name and any additional aliases (separate values with spaces)
    []> Host name of the M series. Hit enter until you get back to the command prompt and type commit then enter.
    Sincerely,
    Erik Kaiser
    WSA CSE
    WSA Cisco Forums Moderator

  • Hosting Multiple DNS Zones on different servers How To?

    Hello, I have an issue that I would like one of the experts to help out with.
    I am currently facing an issue with DNS. I currently need to be able to ping certain machines on my internal domain by their external IP address.
    Example: machineA.domain.local has IP address 192.168.1.10 but from the inside of my network I would need to be able to ping machineA.domain.local and have it resolve to my EXTERNAL IP ADDRESS.
    Now as far as I know using a split DNS would solve this issue. Herein lies my issue.
    My DNS works half the time. Sometimes I will ping machineA.domain.local and it will resolve the internal address and sometimes it would resolve the public IP address (which I set manually in my split DNS)
    Now, my reasoning for this is because there are multiple entries with the same machine name on the same domain controller that resolve to different IP addresses. So when I ping machineA.domain.local the reply will be a "confused" reply.
    Here is what I tried to do to correct the issue. I created another Windows Server 2008 R2 machine with only the DNS role installed. I then removed the split DNS from my domain controller and added the zone "zone.domain.com" with the A record "machineA.domain.com"
    I did not join the domain with the new machine as I did not believe it to be necessary.
    The machines on the inside still cannot ping "machineA.domain.com", nor can my new server successfully ping "machineA.domain.local". It can resolve "machineA.domain.com" but I am fairly certain this is because I added it in the DNS zone.
    I tried to go a little further and tried to connect to the domain controller DNS via the MMC snap in on my new server. I get an error telling me that the access is denied.
    In order to attempt to fix that I added the computer in the properties of the DNS in the security tab. I also added the newly created server to the DNS admins group.
    Nothing works I am not sure what I am doing incorrect but I would need to know how I can do the following
    A) Successfully (if possible) have 2 different zones on the same domain
    example: internal.domain.local and external.domain.com
    I would need to know how to be able to successfully ping the machines I need to ping that resolves to  the external IP address from the inside without having the internal A record in the DNS zone interfere.
    I would also need to know how I could connect to the domain controllers DNS via another computer (the new server) without having the access is denied error.
    Once again, I tried to use a split DNS on the same server which yielded mixed results. I cannot have the machines replying randomly or go down because 2 DNS zones are on the same machine.
    Thank you hope to get an answer ASAP!

    Anyone have any ideas on this?

  • Internal DNS resolution issue - almost all external sites working

    I administer an Xserve running 10.5.8 Server. This client is running internal DNS due to a few internal services (iChat, mail, VPN, etc) - but his website, of the same domain, is hosted externally at a hosting provider. This is where I'm running into odd problems. For examples:
    ichat.company.com - 10.0.1.100 (when inside the network, also has FQDN on Internet)
    mail.company.com - 10.0.1.100 (same as above)
    www.company.com - xxx.xxx.xxx.xxx (the actual public IP address of the web server at the host)
    Do I need to do it this way? If I don't define the "www" record internally, and point it to the external IP of the hosting provider for the website, the clients inside the network can't see the website, because the internal domain services aren't answering the "www" question and won't hand off to the internet records. It's frustrating because every time the client has a subdomain added to his website, i have to add a record on his internal DNS or it won't resolve at his office. example:
    newdomain.company.com - xxx.xxx.xxx.xxx (public IP of the web host, or it fails)
    Is there a way to have internal DNS for a domain answer most but not all questions for the domain?
    - Bill

    Just as an aside, you could potentially setup a subdomain for the internal systems, e.g. 'corp.company.com' and setup the internal services in this domain - ichat.corp.company.com, mail.corp.company.com, etc.
    Then to get to the internal systems users use those .corp.company.com hostnames and the rest of .company.com gets sent upstream.
    It may or may not be sufficient for your needs. This kind of model works well for static users that only work in the office but may not work so well for mobile users.

  • Internal DNS Caching - Different than External DNS Caching?

    Possibly. Just check the TTL of your internal DNS records like this:
    nslookup -type=soa rackspace.co.uk
    Where rackspace.co.uk is the name of one of your internal machines.

    Oliver Kinne wrote: DNS per se allows you to set the TTL (time to live) of a DNS record. Public DNS entries are set with TTLs of anything between 5 minutes to 72 hours - depending on the records and who set them up. You can set the TTL of DNS records on your Microsoft server - see here: https://support.microsoft.com/en-us/kb/297510 So it's up to you how long for DNS entries are cached for internal records. Of course, technically clients can ignore the TTL and cache records for longer or even a shorter amount of time. The TTL is just a "recommendation", but most clients adhere to the TTL given out by the DNS server.
    Ohhh! Okay, I didn't know that cached DNS records expired. So, basically, my internal DNS server is stating that the TTL on our internal DNS info is a period of time of less than that of external DNS sources such as those that...

  • Internal DNS - emailsrvr.mydomain won't resolve, IP does - www works.

    Internal Mail won't resolve to emailserver domain, but LAN ip is fine
    Hey gang, longtime reader first time poster.
    After wrestling with this issue, i'm about out of ideas.
    Here's my setup.
    Leopard server 10.5.4, running OD master (all rocking),
    AFP, Firewall, DNS, (mobile) network home directories.
    I'll call this "xserve.mydomain.com "
    Its NAT'd IP is 192.168.1.102.
    It's a FQDN, kerberos is running and happy, all is well.
    There are about 12
    clients, each with a desktop (imac) and laptop (macbook).
    I have a second (windows 2003 sbe) server hosting the following
    services: Exchange and Web (for now).
    I'll call this winsbe.mydomain.com
    Its NAT'd IP is 192.168.1.101
    My External DNS setup is this.
    Our DNS hosting is done by our registrar (network solutions).
    We own 4 static IPs from our ISP.
    One IP is for our router/firewall providing NAT
    to internal clients, and the xserve is on DMZ, with
    its OSX firewall service turned on.
    One IP is for the windows server. (The last two, if you've been counting, are unused.)
    Via Network Solutions "advanced DNS", I have our zone
    configured. "xserve.mydomain.com" points to its WAN
    IP (66.xxx.xxx.198).
    www points to 66.xxx.xxx.194.
    MX records refer to "winsbe.mydomain.com" via
    WAN IP 66.xxx.xxx.194 as well.
    All outside services resolve correctly.
    IE, i can hit the website and send/receive email from mydomain.com.
    My internal DNS as setup as this:
    primary zone= mydomain.com
    nameserver= xserve.mydomain.com
    mx record= winsbe.mydomain.com
    xserve.mydomain.com has an A record to LAN IP.
    winsbe.mydomain.com has an A record to LAN IP.
    www is a CNAME record to winsbe.mydomain.com. <----i'm not sure about this one but it works.....
    My forwarder IP points back to my Router (which seems to give me better performance than using ISP
    DNS from here..)
    I know this is working fine insofar as the webserver, as
    an nslookup (www.mydomain.com) internally resolves www to 192.168.1.101.
    mydomain.com and www.mydomain.com hit the webserver internally
    on client browsers. rock.
    Again, forward AND reverse nslookups internally resolve to winsbe.mydmain.com/92.168.1.101
    Here is my guess as to my problem,
    my internal hostname + a record for the windows server the same as the MX record
    which has an alias from www.
    I think it's getting effed in there somewhere?
    If I setup email clients with the windows server LAN IP rather than
    the domain "winsbe.mydomain.com" it all works fine.
    I'd frankly be willing to half-*** it with this solution,
    but each client will require a mobile computer, so we can't have that
    I feel like i'm on the right track, but
    just can't make the breakthrough.
    Am I barking up the wrong tree here?
    Here is a last question,
    I have my firewall/router as the "Forwarder IP Address"
    in the last page of Settings in server admin. When i put
    my ISP's DNS servers, i always get a 2 second delay
    for any web query on any client.
    I have "127.0.0.1" as the first DNS entry in xserve Network Preferences.
    The xserve is the only DNS entry in the client computers.
    This isn't a "bad practice" or anything is it?

    For the curious, my named.conf below (haven't messed with it):
    // Include keys file
    include "/etc/rndc.key";
    // Declares control channels to be used by the rndc utility.
    // It is recommended that 127.0.0.1 be the only address used.
    // This also allows non-privileged users on the local host to manage
    // your name server.
    // Default controls
    controls {
        inet 127.0.0.1 port 54 allow { any; }
        keys { "rndc-key"; };
    };
    options {
        include "/etc/dns/options.conf.apple";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
    };
    // a caching only nameserver config
    logging {
        include "/etc/dns/loggingOptions.conf.apple";
    };
    // Public view read by Server Admin
    include "/etc/dns/publicView.conf.apple";
    // Server Admin declares all zones in a view. BIND therefore dictates
    // that all other zone declarations must be contained in views.

  • Access website with same name as internal dns...

    Hi there
    I've set up a server with internal dns zone as 'example.com' with the machine name being 'server.example.com'
    Everything has been going well, but we cannot now access our externally hosted website at 'www.example.com' I now realise from looking at other posts on the web that perhaps I should have not used the same dns address internally as is used externally, but we have plans to bring mail servers in-house and so thought that this would be the correct way to go.
    Can anyone offer advice on the correct way to resolve this?
    Thanks

    From what you're saying then, I need to change the DNS host name of the internal network to example.net or similar.
    You can use a level within your own domain, such as server.internal.example.com, where server is the host name and internal identifies a host within your network, and example.com is a domain you own. Larger networks use this construct to identify hosts within a corporate site or a particular building, such as www.corp.example.com, www.frobnitz.example.com and www.boston.example.com.
    I assume it doesn't matter if I don't own the domain example.net?
    Do not use a domain that you do not have permission to use.
    Only use domains you own (best), or domains that will never be active.
    It's best if you use a domain you own or a subdomain of a domain you own, or (less desirably, but functional) use a Top Level Domain (TLD) string that will never be a domain (a completely made-up domain such as server.tvkiddomain where tvkiddomain is a text string that will never match a real domain such as .COM or .NET or .BIZ or .TRAVEL or the country codes or the gazillions of these TLD strings that are coming on-line). (That there are TLDs coming on-line makes this somewhat more risky; you can end up using a domain you don't own if somebody lights up a matching TLD.)
    The second parallel domain is small cost and simple, particularly as you need few or no services for it from your registrar. (When I buy domains for a site, I usually purchase several TLDs around the domain -- such as the classic big three .COM, .NET and .ORG -- and then have these available for just this sort of purpose. It's easier to buy these up front than to add them later, given the usual domain squatting that can happen. And it's not much money. And it's flexibility for later network activities, and far easier to describe and to support.)
    Will the changeip command change the DNS name of machines that I've set up, so that server.example.com will be renamed server.example.net? I assume I'll need to unbind and rebind any client machines that I've bound to the server?
    changeip would be the tool I'd use, yes. And I'd reconnect, yes. There's a DNS command around that flushes the DNS caches on the clients; you'll also need to clear that.
    Prior to Leopard, on each DNS client:
    sudo lookupd -flushcache
    Leopard DNS cache flush, on each DNS client:
    sudo dscacheutil -flushcache
    Thanks for the pointer to the other post, was helpful, but I think that changing the internal DNS host name will be the simplest option...
    IMO, the simplest option is to avoid domain name collisions and to avoid domains you don't own; to maintain the basic operations and assumptions of DNS.
    Bad DNS is one of the few things you can do that can screw up other hosts and other sites on the Internet.

  • Question about DNS zones

    Here's my problem..
    I have an internal webserver that has an external address. Clients on my internal network (the same as the webserver) can't access the internal server using its external address. I got around this in a Windows environment (there are multiple buildings with different environments) by creating a primary DNS zone with the external address of the server, and an A Host pointing to the internal address.
    I'm having some trouble getting this setup on Lion server, and rather than breaking DNS again, I figured I'd ask around first. Like I said, I tried adding a new zone, and did something that broke DNS. I had to manually edit the configuration file to remove the new zone. The FQDN is different from the name of the Mac server.
    Basically the Mac server is school.com, and I need school.google.com to point internally. These obviously aren't the real addresses, but it illustrates what I need to accomplish.
    Does this make sense? Is it possible with Lion Server?
    Thanks

    If you want to access the webserver internally as school.google.com you cannot and should not try to create a google.com zone. If your website has your own private domain e.g. www.myschool.edu then as you (presumably) own and control that domain then you can run what is typically called a 'split-horizon' DNS setup.
    You could have a second domain name just for the website which still needs to be owned by you, this would let you use say domain.local as the main internal Active Directory domain and a second domain like myschool.edu for the website.
    With a split-horizon setup you need two DNS servers, one would be used just internally, the other would be used just externally. So anyone outside your network i.e. on the Internet would use the external DNS server (often your ISP), and anyone on your LAN uses the internal one. The internal one would map www.myschool.com to your internal LAN IP address of your webserver, the external DNS server would map the same www.myschool.edu to your internet router's address. Your router would then have to set up a NAT port mapping rule to forward the HTTP traffic to your internal webserver's IP address. You can still have multiple websites hosted internally and be accessible externally but all of them must run on a single internal webserver as the NAT port mapping can only map to a single IP address per protocol (port number).

  • Wifi Internal DNS Failing

    Situation:
    On our wifi iPhone/iPod Touch devices correctly receive DHCP information.
    Access to the outside world works well with addresses resolving correctly.
    However these devices cannot browse to internal names - only the underlying ip address.
    Why?
    Additional Info:
    The DNS servers provided by DHCP are both internal.
    Windows PC's using identical DHCP settings (served from the same server) resolve internal and external addresses successfully.
    Changing the DNS servers to an external source is not an option as we want to use the Apple devices to access internal content.

    this sounds pretty much like my problem at http://discussions.apple.com/thread.jspa?threadID=2534692&tstart=0. Is it possible your internal DNS zone is called <something>.local?

  • Autodiscover and Pinpoint DNS zone

    Hello all,
    i am still experiencing a lot of confusion with Lync and DNS records.
    I have a Standard edition front end server, Edge server and Reverse proxy.
    My internal domain space is different to the sip address
    sip address =  aaa.co.uk   internal domain  = aaa.loc
    I can't have a zone aaa.co.uk on my internal DNS servers so i created
    _sipinternaltls._tcp.aaa.co.uk
    in there i have a SRV record (5061) pointing to sip.aaa.co.uk
    I have another zone aaa.co.uk which has an a record pointing to the IP address of my FE server
    Is this right ? the Lync 2013 clients all sign in internally ok although there is some delay.
    I haven't got an lyncdiscoverinternal record and i dont know where to put this ?
    If i add a new cname or A record the fqdn is appended eg lyncdiscoverinternal.sip.aaa.co.uk
    so how does this work ? I am not sure what DNS records to put where anymore this is not straightforward.
    As a side note i have external access working and have external DNS records all set up and lyncdiscover.aaa.co.uk point to the reverse proxy but it can be slow to log in and i think i need the internal records working.
    any help please

    Let's clarify a couple of things as well:
    - Pinpoint DNS is only used when your SIP domain = internet facing domain (i.e. aaa.co.uk) AND you do not want to host a copy of your internet facing domain on internal DNS. Some customers have 100's-1000's of internet facing DNS records and do not want to have to manually maintain all of these records internally - this is when I see Pinpoint DNS used.
    - If you already host a copy of the internet facing domain on internal DNS, or the manual maintenance of the external records internally is not a problem, then Pinpoint DNS is not required. You simply have to manually create the DNS zone and corresponding records within the appropriate DNS zone internally (i.e. aaa.co.uk).
    - Depending on how things are setup, many of the DNS records required for Lync are configured either externally or internally, not both. However, there are some that will be the same, but published to different IPs depending on how you connect (internal/external).
    For instance:
    lyncdiscover.aaa.co.uk = external record ONLY (points to public RP IP)
    lyncdiscoverinternal.aaa.co.uk = internal record ONLY (points to internal FE IP)
    _sip._tls.aaa.co.uk = external record ONLY (typically points to "sip.aaa.co.uk" -> Lync Access Edge external IP)
    _sipinternaltls._tcp.aaa.co.uk = internal record ONLY (typically points to "sip.aaa.co.uk" -> internal FE IP)
    sip.aaa.co.uk = both internal and external (internal = internal FE IP; external = public Access Edge IP)
    meet.aaa.co.uk = both internal and external (internal = internal FE IP; external = public RP IP)
    Hope this helps!
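
The difference between hosting a full internal copy of the public zone and using pinpoint zones, as described in the answer above and asked about in the earlier "answer most but not all questions" thread, modelled as an added example (not code from any poster or vendor). The class, the 203.0.113.x addresses and the record sets are constructed for illustration, and the model leaves out caching, delegation and negative TTLs.

```python
"""Toy model of zone selection on an internal DNS server (constructed data)."""
from dataclasses import dataclass, field


@dataclass
class InternalDnsServer:
    # zone name -> {fqdn: ip}; all names and addresses are constructed samples
    zones: dict = field(default_factory=dict)
    # what the externally hosted public DNS would answer (reached via forwarders)
    upstream: dict = field(default_factory=dict)

    def _owning_zone(self, fqdn):
        """Longest-suffix match: the most specific hosted zone covering fqdn."""
        labels = fqdn.split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.zones:
                return candidate
        return None

    def resolve(self, fqdn):
        """Return (source, answer).

        A server that hosts a zone is authoritative for every name under it:
        a name missing from the zone is NXDOMAIN and is never forwarded.
        """
        fqdn = fqdn.lower().rstrip(".")
        zone = self._owning_zone(fqdn)
        if zone is not None:
            ip = self.zones[zone].get(fqdn)
            return ("authoritative", ip if ip else "NXDOMAIN")
        ip = self.upstream.get(fqdn)
        return ("forwarded", ip if ip else "NXDOMAIN")

    def shadowed_public_names(self):
        """Public names internal clients can no longer resolve because a
        hosted zone covers them but holds no matching record."""
        return sorted(
            name for name in self.upstream
            if self.resolve(name) == ("authoritative", "NXDOMAIN")
        )


# Constructed public records, as hosted by the third-party DNS provider.
PUBLIC = {
    "www.company.com": "203.0.113.10",
    "newdomain.company.com": "203.0.113.10",
    "mail.company.com": "203.0.113.20",
}

# Option 1: full internal copy of company.com. Every public name must be
# duplicated by hand; newdomain.company.com was not, so it breaks internally.
FULL_ZONE = InternalDnsServer(
    zones={
        "company.com": {
            "mail.company.com": "10.0.1.100",
            "ichat.company.com": "10.0.1.100",
            "www.company.com": "203.0.113.10",
        }
    },
    upstream=PUBLIC,
)

# Option 2: pinpoint zones. Each zone is named after a single FQDN and holds
# one record at its apex; everything else under company.com goes upstream.
PINPOINT = InternalDnsServer(
    zones={
        "mail.company.com": {"mail.company.com": "10.0.1.100"},
        "ichat.company.com": {"ichat.company.com": "10.0.1.100"},
    },
    upstream=PUBLIC,
)

if __name__ == "__main__":
    for label, server in (("full zone", FULL_ZONE), ("pinpoint", PINPOINT)):
        print(label)
        for name in ("mail.company.com", "www.company.com",
                     "newdomain.company.com"):
            print("  ", name, server.resolve(name))
        print("   shadowed:", server.shadowed_public_names())
```

Running the shadowed-name check against an export of the public zone after every external change shows which records still need an internal copy.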

  • DNS Setting for internal sites

    Hello -
    I've had terrible problems with my internet connection recently. No internet connection = no DNS (using Google) and therefore I can't even access sites which are hosted within my own network.
    Could anyone talk me through adding DNS references to internal sites on SLS ?
    My set up :
    ADSL modem (bridge mode) into Airport Express which runs DHCP / NAT
    SLS connected to Airport which has DNS server already running.
    changeip -checkhostname returns
    Primary address = 10.0.1.2
    Current HostName = xx.xxx.ltd.uk
    DNS HostName = xx.xxx.ltd.uk (changed these entries)
    The names match. There is nothing to change.
    dirserv:success = "success"
    My domain name is registered with an external supplier - and set to point to my static IP address.
    Thanks for any help !
    Andrew

    One thing that did help me though - and this may be obvious to you, but I had problems with Server admin crashing. Changing the DNS server in network preferences on the server itself and the client I was working on to a public DNS helped. Guess that should be pretty obvious though.
    If things get wonky, I usually try to run Server Admin directly on the target server box.
    Am I safe to reference the DNS server on the client now as dns.mydomain.com ? ie - if that is where the client is getting its DNS references from, how does it know where dns.mydomain.com points to before it looks it up ?!
    DNS servers are referenced by IP address, not by host name. Until the DNS server is available, the DNS names won't work; a bootstrapping problem.
    As for testing the server, you can use the dig command to test.
    dig @ip.addr.dns.server whatever
    Also - I am using an Airport Base Station for DHCP / NAT - but can't see how I can specify a DNS server so that all clients receive it automatically ? (This is fine for clients that don't leave the office, but a pain for laptops)
    AirPort Utility > select target AirPort > Manual setup > Internet > DNS Servers
