General discussion

Locked

Active Directory with external DNS serve

By deezl ·
We have recently installed a Windows 2000 domain and have set up the DNS servers as root servers for a closed network. We have dedicated internet access with DNS servers outside the firewall to service internet requests. We don't want to make the AD DNS servers forwarding servers because we have a limited list of users that are allowed internet access and due to the way DNS works, adding the external DNS servers as secondary servers does not work. Is there a way around this? Possibly a restricted user list?

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Active Directory with external DNS serve

by timwalsh In reply to Active Directory with ext ...

You will have to have some method of forwarding even authorized internet requests to the external DNS servers therefore your AD DNS server(s) need to be forewarding servers. You should be able to set up a filter at the firewall to allow requests only from designated (authorized) IP addresses to be forwarded.

Collapse -

Active Directory with external DNS serve

by deezl In reply to Active Directory with ext ...

Poster rated this answer

Collapse -

Active Directory with external DNS serve

by Elisabyth In reply to Active Directory with ext ...

The solution to your problem is a product such as MS Proxy or ISA server. A proxy will resolve DNS rather than using a forwarding DNS server and allow you to control Internet access based on user. Managing Internet access based on IP address is a pain in a dynamically assigned world.

Collapse -

Active Directory with external DNS serve

by deezl In reply to Active Directory with ext ...

Poster rated this answer

Back to Windows Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums