4

My company has a website with the domain name of acme.com. It also used acme.com as the AD domain name. External DNS is set up properly. Internal DNS has to resolve to the DC, for obvious reasons.

As we know, visitors to acme.com from outside our network get the website and visitors to acme.com from within our network hit the domain controller, for obvious reasons.

I am familiar with the usual answers found here and here that state it goes against best practice to use the same name for DNS and AD domains and to either 1) migrate my AD domain to another name or 2) use http redirection via IIS on each of the DCs in my forest.

Based on what I have read on Wikipedia and Reddit, it seems possible to solve this problem with a SRV record.

So, I created the following SRV record but it does not seem to work:

_http._tcp.acme.com. 86400 IN SRV 0 100 80 www.acme.com.

Is it even possible to "redirect" internal http requests from acme.com to www.acme.com using only a SRV record?

Nimrod

2 Answers

4

No. Web browsers don't use SRV records, so this won't work.

https://stackoverflow.com/questions/9063378/why-do-browsers-not-use-srv-records

And that's why it's not listed as an answer to the problem.

mfinni
0

You've already linked to @MDMARRA's answer on SF, which is what I was going to point you to; however, he has a very helpful blog post on his personal blog that also explains in great detail AD domain names and choosing the right naming scheme here.

That being said, if all you're looking to do is get your internal workstations/clients to be able to get to your website when they type in domain.com (in your case I'm sure acme is just an example) in their web browsers, you can also use your DNS. On your DNS server create an A record in the ACME.COM Forward Lookup Zone and give it the name WWW and point it to the public IP of your website. It will create a record in that zone with www.acme.com that points to your public IP and will help your internal users resolve to the website when they type www.acme.com or just acme.com.

EDIT

Also, don't forget to add another A record in the same zone as above but give it no name and point it to your website's public IP as well. This will cover both www and non www queries.

I know I was late to the game with this answer but I wanted to make it known that there was another, albeit not always what I recommend, answer that fulfilled your request.

Esa Jokinen
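The `www` record from the answer above as PowerShell, with a check of what already sits at the zone apex. This is an added example, not part of the original answers. The web server address `203.0.113.10` is a constructed placeholder from the documentation range, and the script assumes the DnsServer module (RSAT) and an AD-integrated `acme.com` zone.

```powershell
# Run on a DNS server hosting the internal zone, or on a host with RSAT DNS tools.
$Zone  = 'acme.com'
$WebIp = '203.0.113.10'   # placeholder: substitute the website's public IP

# 1. List the A records at the zone apex ("same as parent folder" in the GUI).
#    Domain controllers register these themselves; dynamically registered
#    records carry a Timestamp, static ones do not.
Get-DnsServerResourceRecord -ZoneName $Zone -Name '@' -RRType A |
    Select-Object HostName,
                  @{ n = 'IPv4'; e = { $_.RecordData.IPv4Address } },
                  Timestamp

# 2. Create the www host record only if it does not exist yet.
$existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name 'www' -RRType A `
                -ErrorAction SilentlyContinue
if (-not $existing) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name 'www' `
        -IPv4Address $WebIp -TimeToLive 01:00:00
}

# 3. Verify from a client's point of view, using DNS only (no LLMNR/NetBIOS).
$answer = Resolve-DnsName -Name "www.$Zone" -Type A -DnsOnly
if ($answer.IPAddress -notcontains $WebIp) {
    Write-Warning "www.$Zone does not resolve to $WebIp"
}

# 4. Show what the bare domain name returns internally. Every A record at the
#    apex is handed out together, so any address added there is served
#    alongside the domain controllers' addresses.
Resolve-DnsName -Name $Zone -Type A -DnsOnly | Select-Object Name, IPAddress
```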