-1

I know this question has been posed many times with slightly different scenarios. Here is the issue I'm running into:

Our local domain has three Windows Server 2012 machines running Active Directory, DNS, IIS, and SQL Server. Our internal domain is the same as our external website. We recently moved to a new host and internal users can't access our website via domain.com or www.domain.com.

We have created a new www entry in our local DNS that points to the IP address of the externally hosted website. But internal users are still redirected to the IIS homepage when trying to reach the domain. There are several blank host A records pointing to the IPs of our internal servers, so I created a new blank record pointing to the external IP address of our website and deleted the other blank A records. This fixed the problem for a while (users were able to access the external website), but then the other blank A records reappeared and users can no longer access the external website.

Maybe one of the other servers on our network is acting as a backup DNS and repropagated the old blank A records that point to our local servers? How to fix? Thank you.

mgrharry
  • Are you using the same domain for Active Directory as you are for the external website? That could explain the blank entries showing up again. Part of your issue at least. – Chris Satola Apr 03 '19 at 17:35
  • Yes, AD domain is the same as the public website domain. (Not my idea, this setup predates me) – mgrharry Apr 03 '19 at 21:03
  • It seems that the A records get recreated when the AD and DNS service restarts, since without them AD can't sync. Which leads me to setting up the HTTP redirect function on IIS to route internal traffic to the external website, except this doesn't work since the site is hosted on a Content Delivery Network, which you can't link to directly by IP address. Alternative solutions? – mgrharry Apr 04 '19 at 17:28

1 Answer

0

See: My public website name and AD domain name are the same. How can I get to my external website from inside my network?

The gist: It is specifically recommended by Microsoft that you do not make your AD Domain the same as your website. Your problem is one of the reasons why. Best recommendation is to change your AD Domain to something else.

Chris Satola
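
A read-only diagnostic for the situation in the question and comments, added here as an example and not part of the original posts: it lists the blank (apex) A records in the zone, marks which ones belong to domain controllers (domain controllers register the domain's apex A record themselves, so those are the ones that come back after deletion), and compares the internal and public answers for the site names. The zone name is the placeholder from the question; the DNS server and public resolver values are assumptions.

```powershell
# Added example. Values below are assumptions, not taken from the posts.
$Zone      = 'domain.com'   # placeholder zone name used in the question
$DnsServer = 'localhost'    # assumption: run on one of the internal DNS servers
$PublicDns = '1.1.1.1'      # assumption: any public resolver reachable from inside

Import-Module DnsServer, ActiveDirectory

# IPv4 address of every domain controller in the current domain
$dcs = Get-ADDomainController -Filter * | Select-Object HostName, IPv4Address

# Blank ("same as parent folder") A records at the zone apex
$apex = Get-DnsServerResourceRecord -ZoneName $Zone -Name '@' -RRType A -ComputerName $DnsServer

$apex | ForEach-Object {
    $ip = $_.RecordData.IPv4Address.ToString()
    $dc = $dcs | Where-Object { $_.IPv4Address -eq $ip }
    [pscustomobject]@{
        ApexAddress      = $ip
        Timestamp        = $_.Timestamp          # empty for static (manually created) records
        MatchesDC        = [bool]$dc             # True: registered by a domain controller
        DomainController = $dc.HostName -join ','
    }
} | Format-Table -AutoSize

# Internal vs. public answer for the names users type into the browser
foreach ($name in $Zone, "www.$Zone") {
    $in  = Resolve-DnsName -Name $name -Type A -Server $DnsServer -ErrorAction SilentlyContinue |
           Where-Object Type -eq 'A' | ForEach-Object IPAddress
    $out = Resolve-DnsName -Name $name -Type A -Server $PublicDns -ErrorAction SilentlyContinue |
           Where-Object Type -eq 'A' | ForEach-Object IPAddress
    [pscustomobject]@{
        Name     = $name
        Internal = ($in  | Sort-Object) -join ','
        Public   = ($out | Sort-Object) -join ','
        # A CDN can return different addresses per resolver, so False here is a hint, not proof
        Same     = (($in | Sort-Object) -join ',') -eq (($out | Sort-Object) -join ',')
    }
}
```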