Azure ADDS causes DNS lookups to fail

Richard Duane Wolford Jr 206 Reputation points
2023-09-07T22:35:02.0733333+00:00

We have an internal domain, say contoso.local, and we enabled Azure ADDS using contoso.com. Our VPN users are unable to access www.contoso.com due to DNS, but of course when not connected to our VPN they resolve correctly. How do we fix this? We need our internal users to be able to access www.contoso.com by way of the public IP, but we still need Azure ADDS to work for them. We also run on-prem Active Directory and use AD Connect. Our public DNS is not hosted by Azure.

Thanks!

Microsoft Entra
Microsoft Entra ID

1 answer

  1. Givary-MSFT 30,931 Reputation points Microsoft Employee
    2023-09-11T11:23:36.9133333+00:00

    @Richard Duane Wolford Jr Thank you for reaching out to us. As I understand it, you are looking for details related to Azure ADDS/DNS configuration.

    Do the domains (public and AADDS) have the same name? Our recommendation is not to use a DNS namespace that is already in use, whether by a public domain or by on-prem ADDS. For the example you have mentioned, one option would be:
    On-prem: contoso.local
    Audience: contoso.com
    AADDS: aadds.contoso.com

    If it is the same name, there is no workaround, and the best option will be to recreate the AADDS with another name.


    Reference: https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-create-instance#create-a-managed-domain

    Let me know if you have any further questions, feel free to post back.
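
The following PowerShell script is an added diagnostic example and is not part of the original question or answer. It makes the namespace collision described above visible: it resolves a set of public hostnames once through a public resolver and once through each managed-domain (AADDS) DNS server that VPN clients are handed, and flags names that exist publicly but get no answer from the managed-domain zone. The resolver address, the AADDS DNS server addresses and the hostname list are placeholders to be replaced with your own; nothing is changed on any server.

```powershell
# Added diagnostic example (not from the original post or from Microsoft).
# Compares how public hostnames resolve through a public resolver versus
# through the managed-domain (AADDS) DNS servers that VPN clients use.
# All addresses and hostnames below are placeholders; substitute your own.

$PublicResolver  = '1.1.1.1'                    # assumption: any public recursive resolver
$AaddsDnsServers = @('10.0.1.4', '10.0.1.5')    # assumption: the managed domain's DNS server IPs
$Hostnames       = @('www.contoso.com', 'mail.contoso.com', 'contoso.com')  # constructed sample names

function Get-ARecords {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [Parameter(Mandatory)] [string] $Server
    )
    try {
        # -DnsOnly skips the hosts file, LLMNR and NetBIOS so only the server's own answer is seen
        $answers = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop
        # Resolve-DnsName also returns CNAME rows; keep only A records, sorted for comparison
        return @($answers | Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress } | Sort-Object)
    }
    catch {
        # NXDOMAIN, SERVFAIL and timeouts all land here; report "no answer" instead of aborting
        return @()
    }
}

$report = foreach ($name in $Hostnames) {
    $public = Get-ARecords -Name $name -Server $PublicResolver
    foreach ($server in $AaddsDnsServers) {
        $internal = Get-ARecords -Name $name -Server $server

        # 'MissingInAadds' is the symptom from the question: the name exists in public DNS,
        # but the managed-domain zone (authoritative for the same name) has no record for it
        if ($public.Count -gt 0 -and $internal.Count -eq 0) {
            $status = 'MissingInAadds'
        }
        elseif (($public -join ',') -ne ($internal -join ',')) {
            $status = 'Differs'
        }
        else {
            $status = 'OK'
        }

        [pscustomobject]@{
            Hostname       = $name
            AaddsServer    = $server
            PublicAnswer   = ($public -join ',')
            InternalAnswer = ($internal -join ',')
            Status         = $status
        }
    }
}

$report | Format-Table -AutoSize
```

Run it from a VPN-connected Windows client. Every row marked MissingInAadds is a public name that the managed domain's authoritative zone does not know about, which is exactly what breaks when the AADDS domain name and the public DNS name are the same; a row marked OK for a name you expected to fail points at a client that is not actually using the managed-domain DNS servers.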