I've set up an internal subdomain for our Active Directory, which is showing properly as a forward lookup zone with all the internal hosts. However, the subdomain itself is resolving to an external IP address instead of pointing to our internal domain controllers like it should. When I run an nslookup for subdomain.domain.com from a computer that's joined to our internal domain, it's not resolving as expected. This makes accessing sysvol folders by domain name impossible. Can someone guide me on how to make this subdomain resolve correctly to our internal DNS? Is this a common issue?
2 Answers
I had a similar issue with my setup! It turns out there was an old domain controller still listed as the FSMO role holder for the DomainDNSZone, and it caused the DNS to misbehave. If you're comfortable with it, using ADSIEdit to change the FSMORoleOwner could fix it, but be cautious! It might look complex, so double-check everything before making edits.
Definitely! If you're uneasy about ADSIEdit, consider running the command 'ntdsutil' in the command prompt. It’ll guide you through managing FSMO roles without diving into the raw AD data.
It sounds like your problem might be related to the DomainDNSZones and ForestDNSZones in your Active Directory setup. I've seen this issue before, and it usually stems from something not being configured correctly in those zones. You might want to check your settings there to ensure everything is pointing to the right internal resources.

Thanks for the advice! I’m a bit hesitant about using ADSIEdit. Is there a simpler way to resolve FSMO roles without risking too much?
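A read-only way to check the two things raised in this thread before editing anything: what the domain name itself resolves to on each domain controller, and who is recorded as fSMORoleOwner for the DomainDnsZones and ForestDnsZones partitions. This is an added example, not code from any of the posters. It assumes the RSAT ActiveDirectory module is installed, that it runs on a domain-joined machine, and that the domain controller it talks to hosts the DNS application partitions.

```powershell
# Added diagnostic example. Read-only: it changes nothing in AD or DNS.
Import-Module ActiveDirectory

$rootDse    = Get-ADRootDSE
$domainDN   = $rootDse.defaultNamingContext        # e.g. DC=subdomain,DC=domain,DC=com
$forestDN   = $rootDse.rootDomainNamingContext
$domainFqdn = (Get-ADDomain).DNSRoot
$dcs        = Get-ADDomainController -Filter *
$dcIPs      = @($dcs.IPv4Address)

# 1. Ask each DC's DNS service what the domain name itself resolves to.
#    Every A record at the zone apex should be the address of a domain controller.
$apex = foreach ($dc in $dcs) {
    Resolve-DnsName -Name $domainFqdn -Type A -Server $dc.IPv4Address -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } |
        ForEach-Object {
            [pscustomobject]@{
                Check  = 'Apex A record'
                Source = $dc.HostName
                Value  = $_.IPAddress
                Status = if ($dcIPs -contains $_.IPAddress) { 'OK (domain controller)' }
                         else { 'UNEXPECTED (not a DC address)' }
            }
        }
}

# 2. Read the infrastructure role owner of both DNS application partitions.
#    An owner DN containing "0ADEL:" points at a domain controller that no longer exists.
$partitions = "DC=DomainDnsZones,$domainDN", "DC=ForestDnsZones,$forestDN"
$owners = foreach ($p in $partitions) {
    $infra = Get-ADObject -Identity "CN=Infrastructure,$p" -Properties fSMORoleOwner
    [pscustomobject]@{
        Check  = 'fSMORoleOwner'
        Source = $p
        Value  = $infra.fSMORoleOwner
        Status = if ($infra.fSMORoleOwner -match '0ADEL:') { 'STALE (deleted DC)' } else { 'OK' }
    }
}

@($apex) + @($owners) | Format-Table -AutoSize -Wrap
```

An UNEXPECTED row means a DNS server is answering for the domain name with an address that is not one of the DCs, which matches the symptom in the question; a STALE row matches the old role holder described in the first answer.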