AD domain and Internet domain

Say you have an AD domain, cigars.com.

You also have a company website, cigars.com hosted by a third party such as GoDaddy.

Clients in the cigars.com AD domain think that the DCs are the authoritive DNS servers for that domain. If you goto cigars.com in a web browser it just errors out.

How does one forward this or enable this functionality to pass through to the internet root DNS servers?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

paintb4707

Add an A record to your DNS server for "www" so that the FQDN is "www.cigars.com" and direct it to the IP address of your webserver. Keep in mind the users will HAVE to use www.cigars.com when accessing the company website.

Jordus

i just thought of doing that, and you;re right it does work.

Problem here is i have a bunch of subdomains i.e. sales.cigars.com, visitors.cigars.com, etc.

So adding all those in will be a pain in the butt

paintb4707

Jordus wrote: »

i just thought of doing that, and you;re right it does work.

Problem here is i have a bunch of subdomains i.e. sales.cigars.com, visitors.cigars.com, etc.

So adding all those in will be a pain in the butt

Subdomains as in for your website? Then just add an A record for each, the main site will have to be www however. sales.cigars.com will be accessible by sales.cigars.com

dynamik

This is exactly why you should choose a different domain name for your internal network, such as corp.company.com or company.local.

HeroPsycho

Please research "split DNS"! You want Split DNS!

Jordus

I think ill go with something internal and just alleviate the problem from the get go.

I'll check out Split DNS as well, though.

Thanks guys.

whatthehell

Great feedback/info.
So with split DNS --- what would be some negatives or vulnerabilities in using it?

Seems like the internal DNS server should sit behind a firewall, so internal resources should be relatively fine?