[ExchangeList] Re: OWA and domains and Activesynch
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: <exchangelist@xxxxxxxxxxxxx>
- Date: Sat, 26 Aug 2006 08:10:29 -0500
http://www.msexchange.org
-------------------------------------------------------Actually, there are very
strong reasons to avoid .local and I never
deploy illegal TLDs. They lock the poor sap into a solution that greatly
complicates the customer's "Access Anywhere" plan.
Sure, you could use the "parallel" split DNS shim, but why not use a
pure split DNS for the most elegant and flexible solution? I have run
into just so many horked up networks because of the .local travesty that
I'll work whereever I can to make sure customers are victimized by it
again.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: exchangelist-bounce@xxxxxxxxxxxxx
> [mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Buechler
> Sent: Friday, August 25, 2006 5:11 PM
> To: exchangelist@xxxxxxxxxxxxx
> Subject: [ExchangeList] Re: OWA and domains and Activesynch
>
> http://www.msexchange.org
> -------------------------------------------------------Thomas
> W Shinder wrote:
> > The dreaded .local rears its ugly head again. People really
> should stop
> > doing that and use a split DNS. It would avoid so many
> problems, esp for
> > the small businesses that get duped into using .local
>
> This isn't really an issue. There's nothing wrong with using
> .local.
> You still need split DNS for your public domains with most firewalls,
> but it has nothing to do with the problem at hand. This
> isn't creating
> any sort of issue that you wouldn't have if you were using the actual
> registered domain. You just need an additional zone if your
> AD domain
> isn't the same as your public domain.
>
> Tom goes further into this argument in his ISA 2004 book, but
> even after
> reading that (which, for the most part, is a good book) the argument
> doesn't hold water. This is from experience - roughly half of the
> domains I administer use .local, with the other half using actual
> registered domain names. Neither is better or worse than the other.
> You just usually need an additional DNS zone in networks where you
> aren't using the company's registered domain name.
>
> To actually address the problem...
>
>
> >> I created an A record for
> >> mail.graphicsolutions.com in
> >> my internal DNS, yet when I ping internally it will only resolve
> >> correctly when I ping
> >> mail.graphicsolutions.com.gsi.local
> >>
>
> Because you created the A record as
> mail.graphicsolutions.com.gsi.local. You need to setup a new zone in
> your internal DNS servers for graphicsolutions.com, then add
> an A record
> there for mail. Then it'll resolve as you desire.
> Alternatively, you
> could instead create a CNAME for mail.graphicsolutions.com
> that points
> to your OWA server's internal FQDN (exchange.gsi.local or whatever).
>
> -Chris
>
> -------------------------------------------------------
> List Archives: http://www.freelists.org/archives/exchangelist/
> MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp
> MSExchange Articles and Tutorials:
> http://www.msexchange.org/articles_tutorials/
> MSExchange Blogs: http://blogs.msexchange.org/
> -------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> -------------------------------------------------------
> To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp
> Report abuse to listadmin@xxxxxxxxxxxxxx
>
>
>
-------------------------------------------------------
List Archives: http://www.freelists.org/archives/exchangelist/
MSExchange Newsletter: http://www.msexchange.org/pages/newsletter.asp
MSExchange Articles and Tutorials: http://www.msexchange.org/articles_tutorials/
MSExchange Blogs: http://blogs.msexchange.org/
-------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
-------------------------------------------------------
To unsubscribe visit http://www.msexchange.org/pages/exchangelist.asp
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts: