-1

I'm looking to obtain the same consequences of having a line server_ip domain_name (e.g., 192.168.154.21 mywebsite.com) in the hosts file (/etc/hosts or %system32%/drivers/etc/hosts) but for all (or a subset if possible) computers of a private local domain (i.e., a set of computers from an intranet), in the case of a private network (AD) of Windows Server 2019 machines. In particular, I want to add domains and subdomains (e.g., mywebsite.com, mail.mywebsite.com, api.mywebsite.com).

Let's have a domain controller (DC), also having a DNS role; all computers of the intranet have this DNS as first DNS, so they resolve to the domains I added. Should I use the DNS records, given that the DC will be the first DNS? How? Is there any alternative?

Using DNS records would be my first thought, but this does not seem to be the right way:

Dnscmd tool can only create new zone and it cannot create domain. When we want to create a subdomain in DNS server, it is recommended to create a new zone for the subdomain. It benefits the zone transfer. Thanks for your understanding.

[1] https://social.technet.microsoft.com/Forums/windows/en-US/5624ffbf-96dd-4d62-91f6-8bdcc264ef71/create-a-new-dns-domain-within-a-zone-using-script?forum=winserverDS

[2] Should engineering have its own DNS zone, delegate, or subdomain?

[3] Private DNS zone that resolves private subdomains, and forwards to public nameserver for existing public subdomains

Soleil

1 Answer

1

I ended up adding private domains in the DNS, itself in the DC box. For the other computers, I needed to make sure that the DC/DNS IP is the first DNS.

I manage the DNS scopes and records with IPAM, itself installed in another virtual machine (Windows Server 2019 with GUI).

I don't know if it's the best practice, but it works well; new AD computers can directly access the private domains with minimal configuration. That's very convenient for development and testing, as well as for production.

Soleil
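The approach described in the answer, sketched as an added example that is not part of the original post or the answerer's own configuration: it uses the DnsServer PowerShell module on the DC/DNS box, with the zone name, host labels and IP taken from the question. Running it on the DC itself in an elevated session, and pointing every name at the same IP, are assumptions.

```powershell
#Requires -Modules DnsServer
# Added example: run on the DC/DNS server in an elevated session.
# Zone name, labels and IP are the question's own sample values.
$Zone   = 'mywebsite.com'
$Target = '192.168.154.21'
$Labels = '@', 'mail', 'api'    # '@' is the zone apex (mywebsite.com itself)

# Create an AD-integrated primary zone once; it replicates to the other DNS
# servers of the domain. DynamicUpdate None means clients cannot register or
# overwrite records in this zone; only administrators can change it.
if (-not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $Zone -ReplicationScope Domain -DynamicUpdate None
}

# Add one A record per name, skipping names that already have one so the
# script can be re-run safely.
foreach ($label in $Labels) {
    $existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $label `
                    -RRType A -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerResourceRecordA -ZoneName $Zone -Name $label `
            -IPv4Address $Target -TimeToLive (New-TimeSpan -Hours 1)
    }
}

# Verify against this DNS server directly, bypassing the hosts file and
# other name-resolution providers.
foreach ($label in $Labels) {
    $fqdn = if ($label -eq '@') { $Zone } else { "$label.$Zone" }
    Resolve-DnsName -Name $fqdn -Type A -Server 127.0.0.1 -DnsOnly |
        Select-Object Name, IPAddress
}
```

Once this zone exists, the DC answers authoritatively for every name under mywebsite.com, so a name that exists only in the public zone and is not added here will no longer resolve for intranet clients.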