Active Directory / DNS gurus?

[Brandon Tice]

Are there any Active Directory geeks around?  I work on the Cisco side all day but I've been asked to assist with a minor issue on the Windows side that I honestly haven't been able to find the answer to in my Google-questing.  Any help would be appreciated.

Thanks,

--
-Brandon

[Danny Chamberlin]

I've done a little - what's the issue?

Danny

[mike wurst]

Yes I work with AD all day every day of the week.

---

From: Brandon Tice <brand...@gmail.com>
To: midsout...@googlegroups.com
Sent: Wed, August 25, 2010 6:07:42 PM
Subject: [MidsouthMakers] Active Directory / DNS gurus?

[Brandon Tice]

My question is this:

Let's say I own a company called MYCOMPANY and I own the web site mycompany.com which can be reached externally by going to http://www.mycompany.com OR http://mycompany.com.  All that is great.

However, from within our internal Windows network, you can only access our site by going to http://www.mycompany.com.  If you attempt to go to http://mycompany.com, you get an "Under Construction" message.  Now I believe that is because when you attempt to go to http://mycompany.com, you aren't actually hitting the webserver, but rather the Active Directory domain controller.  When I run an nslookup on www.mycompany.com, I get a result of the internal IP address of the webserver, which is correct.  However, when I run an nslookup on mycompany.com with no WWW, then I get a list of all of the domain controllers in the company instead of the webserver, which is not in the list at all.

So basically the problem is that our Active Directory domain that we all log into is MYCOMPANY and the web address is mycompany.com, which internal DNS resolves to the domain controllers rather than the webserver.  I realize that the http://www.mycompany.com site works internally due to the A record in DNS for WWW.  I have a hunch that I could add an alias in DNS or something along those lines for mycompany.com but I figured I'd ask someone more qualified than myself.  What can I change to fix this without breaking any Active Directory functionality?

Thanks,
Brandon

[mike wurst]

Brandon,

        Is the http://www.mycompany.com IP address different from the http://mycompany.com IP address?  What I mean by that is are they supposed to be point to the same IP address?  Answer that for me and then I have a couple of suggestions on how you can fix this.  There is a possiblity that it is an SSL(Secured Socket Layer).  I say this because we recently transferred our company e-mail from one virtual machine to another, and in that process our OWA broke, so I was getting the same error that you were that the page was under construction, so there are only certain ways to access it now.  So answer that question for me and I will get back to you with some suggestions.

 

Thanks

 

Mike

---

From: Brandon Tice <brand...@gmail.com>
To: midsout...@googlegroups.com

Sent: Thu, August 26, 2010 10:24:39 AM
Subject: Re: [MidsouthMakers] Active Directory / DNS gurus?

My question is this:

Let's say I own a company called MYCOMPANY and I own the web site mycompany.com which can be reached externally by going to http://www.mycompany.com/ OR http://mycompany.com/.  All that is great.

[Charles]

I'm a idiot, but......

why not have the webservers on the domain controller just point to the
www.mycompany.com?

Its a patch but it would be one quickly deployed one.


Just set the delay in the meta tag to = 0 and most users won't even
know they got bounced to another page.

okay let the flaming start.

On Aug 26, 10:24 am, Brandon Tice <brandont...@gmail.com> wrote:
> My question is this:
>
> Let's say I own a company called MYCOMPANY and I own the web site

> mycompany.com which can be reached externally by going tohttp://www.mycompany.comORhttp://mycompany.com.  All that is great.

>
> However, from within our internal Windows network, you can only access our

> site by going tohttp://www.mycompany.com.  If you attempt to go tohttp://mycompany.com, you get an "Under Construction" message.  Now I
> believe that is because when you attempt to go tohttp://mycompany.com, you

> aren't actually hitting the webserver, but rather the Active Directory

> domain controller.  When I run an nslookup onwww.mycompany.com, I get a

> result of the internal IP address of the webserver, which is correct.
>  However, when I run an nslookup on mycompany.com with no WWW, then I get a
> list of all of the domain controllers in the company instead of the
> webserver, which is not in the list at all.
>
> So basically the problem is that our Active Directory domain that we all log
> into is MYCOMPANY and the web address is mycompany.com, which internal DNS
> resolves to the domain controllers rather than the webserver.  I realize

> that thehttp://www.mycompany.comsite works internally due to the A record

[Ed Stafford]

First, try firefox going to mycompany.com and see which it brings up.

--
Ed Stafford

[Joe Ferguson]

If you're not using any other sub domains:

Add this to the .htaccess in the root folder of the web server

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.MYCOMPANY.com
RewriteRule ^(.*)$ http://www.MYCOMPANY/$1 [R=permanent]

This will force any MYCOMPANY.com to http://www.MYCOMPANY.com
If you are using various sub domains that you would browse, that will need some tweaking.

--
- Joe Ferguson
http://www.midsouthmakers.org

[Danny Chamberlin]

The problem isn't external - it's internal.

He said that external access to www.mycompany.com and mycompany.com are fine.  It's internal - which may be an AD config issue.

Danny

[mike wurst]

That's why I had asked about the IP addressing, sometimes you can simply create a pointer in DNS that will point from the external to the internal and you can access it either way but I wanted to know if the IPaddressing is the same.  If you ping mycompany.com, what kind of return do you get?

---

From: Danny Chamberlin <crit...@gmail.com>
To: midsout...@googlegroups.com
Sent: Thu, August 26, 2010 1:16:33 PM
Subject: Re: [MidsouthMakers] Re: Active Directory / DNS gurus?