Back

Configuring Multi NIC Domain Controllers for Single IP

stylebackground white Insure that all the NICS only point to your internal DNS servers only and none others such as your ISPs ...

3 min read
Published on Apr 6, 2013
Configuring Multi NIC Domain Controllers for Single IP
  • Insure that all the NICS only point to your internal DNS server(s) only and none others, such as your ISP’s DNS servers’ IP addresses.

  • In Network & Dialup properties, Advanced Menu item, Advanced Settings, move the internal NIC (the network that AD is on) to the top of the binding order (top of the list). http://windows.microsoft.com/en-US/windows-vista/Change-the-order-of-network-protocol-bindings

  • Disable the ability for the Internet NIC to register. The procedure, as mentioned, involves identifying the Internet NIC’s GUID number. This link will show you how: 246804 - How to Enable-Disable Windows 2000 Dynamic DNS Registrations (per NIC too): http://support.microsoft.com/?id=246804

  • Disable NetBIOS on the outside NIC. That is performed by choosing to disable NetBIOS in IP Properties, Advanced, WINS, disable NetBIOS

  • Disable the “File and Print Service” and disable the “MS Client Service” on the Internet NIC. That is done in NIC properties by unchecking the respective service under the general properties page. If you need these services on the outside NIC (which is unlikely), which allow other machines to connect to your machine for accessing resource on your machine (shared folders, printers, etc.), then you will probably need to keep them enabled.

  • Uncheck “Register this connection” under IP properties, Advanced settings, in IP4 and IP6 “DNS” tab.

  • Delete the Internet NIC IP address, disable Netlogon registration, and manually create the required records:

  • In DNS under the zone name, (your DNS domain name), delete the Internet NIC’s IP references for the “LdapIpAddress”. If this is a GC, you will need to delete the GC IP record as well (the “GcIpAddress”). To do that, in the DNS console, under the zone name, you will see the _msdcs folder. Under that, you will see the _gc folder. To the right, you will see the IP address referencing the GC address. That is called the GcIpAddress. Delete the IP addresses referencing the Internet NIC.

  • To stop these two records from registering that information, use the steps provided in the links below: Private Network Interfaces on a Domain ontroller Are Registered in DNS http://support.microsoft.com/?id=295328 The one section of the article that disables these records is done with this registry entry:

    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetlogonParameters

    DnsAvoidRegisterRecords

    Data type: REG_MULTI_SZ

    Values (2 lines):

    LdapIpAddress

    GcIpAddress

  • Then you will need to manually create these two records in DNS with the IP addresses that you need for the DC. To create the LdapIpAddress, create a new host under the domain, but leave the “hostname” field blank, and provide the internal IP of the DC, which results in a record that looks like:

    • (same as parent) A 192.168.5.200 (192.168.5.200 is used for illustrative purposes
  • You need to also manually create the GcIpAddress as well, if this is a GC. That would be under the _msdcs._gc SRV record under the zone. It is created in the same fashion as the LdapIpAddress mentioned above.

  • In the DNS console, right click the server name, choose properties, then under the “Interfaces” tab, force it only to listen to the internal NIC’s IP address, and not the IP address of the Internet NIC.

  • Since this is also a DNS server, the IPs from all NICs will register, even if you tell it not to in the NIC properties. See this to show you how to stop that behavior (this procedure is for Windows 2000, but will also work for Windows 2003): 275554 - The Host’s A Record Is Registered in DNS After You Choose Not to Register the Connection’s Address: http://support.microsoft.com/?id=275554

Learn about our Managed Service & Cloud Consulting services.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

CMMC Compliance — Understanding the Requirements and Why It's Important

CMMC Compliance — Understanding the Requirements and Why It's Important

CMMC compliance is crucial for protecting Controlled Unclassified Information (CUI) in defense contracts. Learn what CMMC is, its certification levels, and why it matters.

Jul 2, 2025
9 min read
CMMC Certification vs. Self-Assessment What You Need to Know

CMMC Certification and Self-Assessment: What Contractors Need to Know

Not all contractors need a third-party CMMC certification. Find out the differences between CMMC certification and self-assessment and which one applies to your organization.

Jul 1, 2025
7 min read
How Much Does It Cost to Achieve CMMC Compliance?

How Much Does It Cost to Achieve CMMC Compliance and Prepare for Certification?

CMMC compliance costs vary by level and organization size. Get a breakdown of certification expenses, hidden costs, and funding options for meeting CMMC requirements.

Jun 30, 2025
7 min read
Azure Migration Planning A Complete Assessment Checklist for a Successful Transition

Azure Migration Planning A Complete Assessment Checklist for a Successful Transition

A successful Azure migration starts with proper planning. Use this step-by-step assessment checklist to evaluate infrastructure, dependencies, and tools before migrating.

Jun 23, 2025
7 min read
Migrate On-Premises VMs to Azure: Tips, Advice & Best Practices

Migrate On-Premises VMs to Azure: Tips, Advice & Best Practices

Learn how to migrate on-premises VMs to Azure with expert tips and best practices. Optimize your cloud migration strategy for security, performance, and cost efficiency.

Jun 20, 2025
9 min read
Azure Migration vs AWS Migration Key Differences

Comparing Azure Migration and AWS Migration Key Differences in Cloud Strategy

Comparing Azure and AWS for cloud migration? Learn the key differences in pricing, security, tools, and performance to choose the right platform for your business.

Jun 18, 2025
8 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation