none
Can I change the name for the directaccess-corpConnectivityHost DNS record? RRS feed

  • Question

  • Hello,

    Server 2012 R2.   Direct Access role

    We would like to have a DA test environment and production environment.   However, I am not sure it's possible to have them on the same domain name.   Tt appears they both want to use  the same dns record, directaccess-corpConnectivityHost.domain.lan.   I imagine they will conflict with each other.

    I don't see a place in the DA configuration to change the name of the record.   Anyone know a way to do so?

    Seems fitting I could make one directaccess-corpConnectivityHost-test and one directaccess-corpConnectivityHost-prod.

    Thank you




    • Edited by CSMatMan Tuesday, August 12, 2014 11:46 AM
    Monday, August 11, 2014 8:51 PM

Answers

  • Hi CSMatMan - guess as an option for the uat / dev server you could apply a new GPO with the settings required with a higher precedence than the DA Server GPO overwriting the settings required - would sort of keep it within the boundaries. Anyway - we have a resolution for now but an interesting concept anyway.

    John Davies

    • Marked as answer by CSMatMan Wednesday, August 13, 2014 12:09 PM
    Wednesday, August 13, 2014 8:25 AM

All replies

  • Hi There - Interesting question and one I haven't had to do. Although that said looking at the settings in DNS it's recommended to create these as static records anyway after the DA Wizard has run. Therefore after creating a new DA Standup (say for your UAT Server), letting the webprobehost record being automatically created in DNS by the DA Server, deleting it and recreating it (as stated above for uat directaccess-webprobehost.domain.lan) resolving to the internal IP of the DA Server. Then by going in to the DA Server wizard and choosing Step 1 Remote Clients you can change the name of the webprobehost to the DNS Record created for UAT. Although not having done this I can't see any reason why it should not work - but as always test it in isolation first.

    John Davies

    Tuesday, August 12, 2014 10:01 AM
  • Thank you John for the reply.   It just hit me I put the wrong DNS record with the issue.   directaccess-webprobehost can be altered.   I meant to say "directaccess-corpConnectivityHost" was the record I do not see that can be changed.

    I'll update my original post.

    Tuesday, August 12, 2014 11:44 AM
  • I did some testing and it looks like I can create my own dns record of "directaccess-corpConnectivity-Test" and then manually change the client GPO to point to it.    I then made a change on the DA configuration and clicked Finish to update the GPO client settings.   It did not overwrite my manual change.

    So that looks good.

    I do notice that the webprobehost entry in the GPO does not change in the GPOs.  I have to update it as well.   I can change the client gpo but the server gpo also has the entry.   Since there is no template for it, not sure how I can change it.   I need to change it from http://directaccess-WebProbeHost.domain.lan to http://directaccess-WebProbeHost-Test.domain.lan


    • Edited by CSMatMan Tuesday, August 12, 2014 12:50 PM
    Tuesday, August 12, 2014 12:50 PM
  • Hi CSMatMan - whilst that will work for your requirements - sorry to point out but altering the DirectAccess GPO's manually is not supported - hate doing that but it is true and I have to point it out.

    John Davies

    Tuesday, August 12, 2014 1:08 PM
  • Thanks John, since I'll only be manually changing the test one, I'm not as concerned.  I won't alter the production one in that way.  

    I wish there was a way to make the changes in the DA configuration though.



    Tuesday, August 12, 2014 1:16 PM
  • Hi CSMatMan - guess as an option for the uat / dev server you could apply a new GPO with the settings required with a higher precedence than the DA Server GPO overwriting the settings required - would sort of keep it within the boundaries. Anyway - we have a resolution for now but an interesting concept anyway.

    John Davies

    • Marked as answer by CSMatMan Wednesday, August 13, 2014 12:09 PM
    Wednesday, August 13, 2014 8:25 AM
  • That's a good idea, John.   I'll take a look into that.   Sounds doable.

    Thanks for the help.

    Wednesday, August 13, 2014 12:09 PM
  • Hi CSMatMan - quick update for you with regards the issue above. Did a little digging around and we can keep it within support for both environments. If you were to create a new Computer GPO for your DA Test Clients with item level targeting the following settings can be amended (because this is what the default DA Client GPO amends)

    Computer Configuration | Administrative Templates | Network | Network Connectivity Status Indicator | Specify corporate web probe host

    Computer Configuration | Administrative Templates | Network | Network Connectivity Status Indicator | Specify corporate DNS probe host

    Computer Configuration | Administrative Templates | Network | Network Connectivity Status Indicator | Specify corporate website probe URL

    If these have a higher precedence / or merge this should allow you to specify different DNS / Server and IP as needed

    Kr


    John Davies

    • Proposed as answer by Icon8000 Friday, August 15, 2014 9:21 AM
    Friday, August 15, 2014 9:21 AM
  • We have this setup and it works well.
    Thursday, August 28, 2014 5:00 AM