Adding 3rd DNS IP in Advanced TCP/IP Settings Breaks Local Intranet


  • We are preparing a DR site and wanting to add the DR DNS IP to the NIC Properties >  Advanced TCP/IP settings for our units/managers (on a child domain). We have our 2 DNS Ips (primary, secondary) in their now but once we add the 3rd DNS entry and load IE it jumps to internet instead of local intranet. The pop up says local intranet is not on, etc, go through click enabled and it unchecked "Automatically Detect Intranet Network" but leaves the 3 boxes underneath it checked. The sites load correctly at that point. Why does this need to be unchecked? Anyway around it?

    We have systems where their passwords are encrypted and stored, all they do is click an icon to load their e-mail (OWA 2010, etc) and it automatically signs in. When the 3rd DNS IP is added it prompts for credentials, if we move it up or down in the list it works correctly. (As long as it is not at the bottom of the Advanced TCP/IP Settings in DNS Tab.

    Tuesday, March 13, 2012 7:36 PM


  • What DNS server is it exactly that you are adding? Does it host the same exact zone as the other two, or is it different, with different IPs? I assume the DR site has the same exact zone data as the prod site, for a true, warm/hot failover, otherwise, it will cause problems with AD, making IE problems a minor issue.

    And if you have a child domain, then it complicates it a bit, depending on how you have your parent-child DNS conifgured - whether a parent-child DNS delegation with each domain zone replicating only to their respective domains, or if the parent zone is replicated forest wide which would make the child domain name a subfolder under the forest root domain. Here's more on multiple domain forest DNS design options to see what I mean.

    DNS Design Options in a Multi-Domain Forest - How to create a Parent-Child DNS Delegation, and How to Configure DNS to create a new Tree in the Forest   


    Maybe you can describe the setup in more detail to better help and diagnose this.


    Ace Fekay
    MVP, MCT, MCITP Enterprise Administrator, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs:

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    FaceBook Twitter LinkedIn

    Wednesday, March 14, 2012 12:20 AM