The proper way to add DNS A records to an AD DNS Server

  • The proper way to add DNS A records to an AD DNS Server

    This is an inherited network. W2K SP3 AD Domain.

    The DNS is AD.

    The previous admin added many computer names to DNS manually instead of letting AD detect and add them. I see those as Upper case in DNS. I delete those upper case entries and after ten minutes or so they are back, in lower case, as I believe they should be. I was told by MS tech that you should never add an A record to AD DNS. Is this correct?

    He had several entries for the same server as well. I changed any records that did not match the computer name into aliases (CNAMEs).

    Lastly, how do you deal with an A record that points to an outside website under your internal AD domain name? Such as a support helpdesk that we are hosting outside the company (many users are remote and the hosted helpdesk was just a good price). If your domain is named mydomain.com and I wanted helpdesk.mydomain.com but it was not inside my network. I have an entry in a public DNS server for it. Therefore the outside world can find it without any issue.


    I thought the internal users would find it as well since I have forwarders set up in the DNS, but I assume that forwarders are not used for any names using the domain suffix, and they could not see it. So I added the entry into DNS with the outside IP address. It works, but is this the correct way to do it?

    Thanks

    Doug

  • #2
    Re: The proper way to add DNS A records to an AD DNS Server

    I have added A records manually to AD DNS servers before and it caused no problems for me or my customer.

    The internal records that point to your external website will require you entering or editing an existing www record that points to the IP address of the hoster's server. It has been an extremely long time since I have done this, so I can't remember the type of record that it needs to be, so I'll do some digging around.

    The problem you are experiencing is related to your internal DNS matching your external web address. When a client is looking for your external website and types the web address, it will only ever search internal, as it is authoritative for the zone blah.com.


    • #3
      Re: The proper way to add DNS A records to an AD DNS Server

      > I was told by MS tech that you should never add an A record to AD DNS. Is this correct?

      He is. It's a big no-no for AD zones. Firstly, there is no need to add statics for workstations or servers. If there is such a need, something is broken and needs to be fixed. Secondly, AD was designed to manage its own records. If you create a static, you are basically taking over the record. So, AD (or a workstation/server) can no longer modify that record. If its IP ever changes, the record will not be updated.

      The only statics in AD zones should be for additional services, such as WWW or specialized SRV records.

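The behaviour discussed in this thread (an internal server that is authoritative for mydomain.com answers in-zone names from its own data and never forwards them), as an added example that is not part of any poster's reply: an offline audit that compares an export of the internal zone with the public zone and lists the names that need attention. Apart from helpdesk.mydomain.com, every record, address and function name here is an assumption made for illustration.

```python
import ipaddress

ZONE = "mydomain.com"
# Constructed exports of both views (documentation/private addresses only).
INTERNAL = {
    "mail.mydomain.com": {"10.0.0.25"},
    "www.mydomain.com": {"203.0.113.20"},
}
PUBLIC = {
    "helpdesk.mydomain.com": {"198.51.100.7"},
    "mail.mydomain.com": {"203.0.113.25"},
    "www.mydomain.com": {"203.0.113.80"},
}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def norm(name):
    return name.lower().rstrip(".")  # DNS names compare case-insensitively

def in_zone(name, zone=ZONE):
    return norm(name) == norm(zone) or norm(name).endswith("." + norm(zone))

def resolve_internal(name, internal=INTERNAL, forwarder=None):
    """Model a server authoritative for ZONE: in-zone names are answered from
    local data only (None = NXDOMAIN); only other names reach the forwarder."""
    if in_zone(name):
        return ("authoritative", internal.get(norm(name)))
    return ("forwarded", (forwarder or {}).get(norm(name)))

def is_rfc1918(addr):
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def audit(internal=INTERNAL, public=PUBLIC, zone=ZONE):
    """Return (finding, name, internal_addrs, public_addrs) for review."""
    findings = []
    for name in sorted(public):
        pub, local = public[name], internal.get(name)
        if not in_zone(name, zone):
            continue
        if local is None:
            # Works from outside, NXDOMAIN inside: needs a static record.
            findings.append(("missing-internally", name, set(), pub))
        elif local.isdisjoint(pub):
            # Private address: deliberate internal view; else a possibly stale copy.
            kind = "internal-address" if all(map(is_rfc1918, local)) else "stale-static?"
            findings.append((kind, name, local, pub))
    return findings

if __name__ == "__main__":
    print(*audit(), sep="\n")
```

A "stale-static?" finding is only a prompt to check the record against the hoster's current address, since a manually added record is not updated when that address changes.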