It is often the case that companies use their external domain (i.e. enirtia.com) for their internal Active Directory domain, and this is completely fine, except when you want to access your website which is hosted on an external server.
Active Directory automatically sets up an internal DNS server for use on your network, and assumes that it is the authoritative server for the domain you used, which in our case here is “example.com”. When clients on your internal network ask your Active Directory DNS server for a lookup on example.com, it is going to direct them to one of your domain controllers. If you request “www.enirtia.com” and you happen to have IIS running on one of those domain controllers, you will see whatever default website is running on that server.
To get around this we need to add a redirect to your IIS server, a Host record to your internal DNS server, and a delegation to your DNS server, all of which are simple to do. These changes are based on the assumption that your external website is set up on external DNS servers with an “A” record pointing “www.enirtia.com” to the IP address of the server that is hosting your website, and that example.com without the “www” is set up with a CNAME record pointing at “www.enirtia.com”. If it is set up in the opposite manner this will not work.
Host Record:
First find out what the IP address is of the external web server if you do not already know it. Go to Start > Control Panel > Administrative Tools > DNS and locate example.com. Right-click and choose “New Host (A or AAAA)”. Type “www” into the name field, and the IP address of your external web server into the IP Address field. Click the “Add Host” button to save.
IIS Redirect:
To redirect “http://enirtia.com” to “http://www.enirtia.com” we need to create a redirect in your IIS server. Go to Start > Control Panel > Administrative Tools > Internet Information Services and locate the Default Web Site. Right-click on the Default Web Site and choose Properties. Go to the Directory tab and set up a redirect to point to “www.enirtia.com”.
DNS Delegation:
To create a DNS Delegation you must know the names of the external name servers servicing your domain name. Go to Start > Control Panel > Administrative Tools > DNS and locate example.com. Right-click and choose “New Delegation”. Type www into the Delegated Domain field, click Next and provide it with the external authoritative name servers for your domain name.
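The Host Record step above, scripted with the DnsServer PowerShell module and followed by a check against the internal DNS server. This is an added example, not part of the original post; the zone name, the server name `dc01.example.com` and the address `203.0.113.10` are placeholder assumptions.

```powershell
# Assumptions (placeholders, not values from the article): zone name, DNS
# server name and web server address. Run in an elevated session on a machine
# with the DnsServer module (a domain controller or a host with RSAT).
$Zone      = 'example.com'
$DnsServer = 'dc01.example.com'   # hypothetical internal AD DNS server
$WebIp     = '203.0.113.10'       # documentation-range placeholder address

Import-Module DnsServer

# Host Record step: add www -> external web server only if it is not there yet.
$existing = Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $Zone `
    -Name 'www' -RRType A -ErrorAction SilentlyContinue
$current = @($existing | ForEach-Object { $_.RecordData.IPv4Address.IPAddressToString })

if ($current -notcontains $WebIp) {
    Add-DnsServerResourceRecordA -ComputerName $DnsServer -ZoneName $Zone `
        -Name 'www' -IPv4Address $WebIp
}

# Query the internal server directly so the local resolver cache and hosts
# file cannot hide a wrong answer.
function Get-ARecords([string]$Name) {
    @(Resolve-DnsName -Name $Name -Server $DnsServer -Type A -DnsOnly -ErrorAction Stop |
        Where-Object Type -eq 'A' | ForEach-Object IPAddress)
}

$www  = Get-ARecords "www.$Zone"
$apex = Get-ARecords $Zone

# Any www answer other than the web server means a stale or extra A record.
$unexpected = @($www | Where-Object { $_ -ne $WebIp })
if ($www -notcontains $WebIp -or $unexpected.Count -gt 0) {
    Write-Warning "www.$Zone answers: $($www -join ', '); expected only $WebIp"
} else {
    Write-Output "www.$Zone -> $WebIp (OK)"
}

# The bare domain is expected to keep answering with domain controller
# addresses; these records are left alone and handled by the IIS redirect.
Write-Output "$Zone -> $($apex -join ', ') (domain controllers, left unchanged)"
```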
Hi Justin,
I am kind of having a problem in a similar situation. We had set up the website with the same name as our domain name. For external access we do not have any problem, by setting up NAT in our firewall with the public IP pointing to the private IP of the web server. The web server is in the DMZ.
But internally I am having a problem. We have two domain controllers with DNS. I created the CNAME and A record pointing to the web server; before that I deleted the A record that was pointing to the two domain controllers. Now when we browse internally everything is fine, but after 10 to 12 hours DNS keeps creating the A record for the two domain controllers, and at that time when we browse the website, the default website of the domain controllers comes up. Then again I have to delete the A record of the DCs.
Am I missing anything? I really appreciate your reply.
Thank you
Joe
Hi Joe-
The A record that you are deleting, is it with the “www” or without (i.e. http://www.domain.com or domain.com)?
AD requires A records for your DCs without the “www”; it will automatically create the records if they do not exist, as I think you are seeing. However, you should be able to create a CNAME for the “www” record that points to your webserver. Your only option to make “domain.com” redirect to the correct webserver would be to set up a redirect on each of your DCs' default websites.
I hope that helps. Let me know if I missed the point.
-Justin