I have already migrated from Windows NT to Windows Server 2003. It has an Active Directory-integrated DNS server with the same domain name that we have in our ISP. I'm trying to check my webmail but I can't. I think that the problem is with the name resolution of my server, and someone told me to make some changes in my DNS server (with an alias for getting access to my Web site, www, and an MX file pointing to my ISP).
This is a common problem when the internal domain name matches the external domain. Here is what is happening: the Windows 2003 server believes that it is the Start of Authority for your domain. Let's call your domain mycompany.com for the purpose of this example. You have registered MYCOMPANY.COM on the Internet and your ISP is hosting that name on their DNS server. The ISP's DNS server believes that IT is the Start of Authority for MYCOMPANY.COM. People from outside of your company will resolve names using the ISP's DNS, but computers inside your company that belong to the Windows 2003 domain will resolve the DNS names via the Windows 2003 server. Since the Windows 2003 server believes that it is the Start of Authority for the DNS zone MYCOMPANY.COM, when it cannot find a name like www.mycompany.com, it sends back a NOT FOUND, as opposed to forwarding the request on to a DNS system that might be able to find the requested name.
You have a couple of choices here:
1) Rebuild your Windows 2003 Domain so that it uses a domain like corp.mycompany.com instead of matching the external name. Now, I realize this is going to take some work to do. However, if you are growing your company and you want to make sure you have a solid infrastructure, you will want to take the time to do this now.
2) Copy important entries into the local Windows 2003 DNS. This means you will want to create HOST records (also called A-Records) within the DNS on the Windows 2003 machine. It is as easy as creating a new folder in Explorer. Open DNS, right-click on the zone and click create new record. Enter a name like www.mycompany.com and type the IP address. Using the same technique you can add an MX record (Mail exchange record). Of course, you will always have to manually keep these two in sync. This type of DNS zone configuration is referred to as a split-horizon by some. This refers to the condition of having two DNS systems believing they are both the Start of Authority and thus the owner of the DNS zone.
When setting up the MX record for the zone you will be asked for a host name; that is the mail system. You then may need to create an A-record that translates the mail server's name to an IP. However, keep in mind that this record may be different than the outside record (in fact it really should be).
This was first published in June 2008
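Option 2 leaves two copies of the zone that have to be kept in sync by hand, and any name the ISP publishes but the internal server lacks fails with NOT FOUND for inside clients. The following sketch is an added example, not part of the original answer: it compares two record lists and reports names missing internally and records that differ unexpectedly. The zone contents, IP addresses, the `webmail` name and the function names are constructed for illustration; real inputs would be exports of the internal zone and of the ISP's records.

```python
# Added example: all records below are constructed sample data.
INTERNAL_ZONE = """\
mycompany.com.       MX  10 mail.mycompany.com.
mail.mycompany.com.  A   192.168.10.25
www.mycompany.com.   A   203.0.113.10
"""
EXTERNAL_ZONE = """\
mycompany.com.          MX  10 mail.mycompany.com.
mail.mycompany.com.     A   203.0.113.25
www.mycompany.com.      A   203.0.113.80
webmail.mycompany.com.  A   203.0.113.81
"""
# Records whose inside answer is meant to differ from the outside one
# (the mail server's A-record, as the answer notes).
EXPECTED_TO_DIFFER = {("mail.mycompany.com", "A")}

def parse_zone(text):
    """Map (name, type) -> set of values from 'name type value' lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        key = (name.rstrip(".").lower(), rtype.upper())
        records.setdefault(key, set()).add(" ".join(value.lower().split()))
    return records

def find_drift(internal_text, external_text, expected_to_differ=frozenset()):
    """Return (missing, mismatched) relative to the external zone."""
    internal, external = parse_zone(internal_text), parse_zone(external_text)
    missing, mismatched = [], []
    for key, ext_values in sorted(external.items()):
        if key not in internal:
            missing.append(key)   # inside clients get NOT FOUND for this name
        elif internal[key] != ext_values and key not in expected_to_differ:
            mismatched.append((key, sorted(internal[key]), sorted(ext_values)))
    return missing, mismatched

if __name__ == "__main__":
    missing, mismatched = find_drift(INTERNAL_ZONE, EXTERNAL_ZONE, EXPECTED_TO_DIFFER)
    for name, rtype in missing:
        print(f"MISSING internally: {name} {rtype}")
    for (name, rtype), inside, outside in mismatched:
        print(f"DIFFERS: {name} {rtype} inside={inside} outside={outside}")
```

Running such a comparison whenever the ISP-hosted records change catches a stale internal copy before users report that a site or webmail stopped resolving.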