I have active directory set up for foo.example.com
I have an apache server behind an AWS ELB at awselb.amazon.example.com
I want my internal users to have access to all active directory resources at foo.example.com but I also want them to access the apache web server at foo.example.com
This is causing several problems.
Active Directory automatically registers A records at foo.example.com for the Domain Controllers.]2
This means I can't register a CNAME at the same address on the Active Directory DNS server.
I could likely fix that by putting the apache web server at a static IP address and using an A record, but then there are two A records that I do not want to resolve for my domain.
I'm wondering if I can disable this root level DNS entry. I'm also wondering what services will break if I do that.
Best Answer
Ideally, you should have an internal domain (local.example.com or whatever else) and Split DNS.
I don't recommend you have it set up the way I describe below, but it is the only solution to give the end users the experience they want.
Externally: Assign www.foo.example.com and foo.example.com to the public IP of your AWS instance.
Internally: Install a web service on your domain controllers and have your DC's website redirect your users from foo.example.com to www.foo.example.com, you can do this with Javascript.