I have an AD domain "company.example.com" with a couple of servers inside, a DC "dc.company.example.com" hosting an AD-integrated DNS zone.

There is also an "example.com" public domain, with "ns.example.com" as authority, and some internal sites are published via ISA server, say "service.example.com".

Now our IT boss has decided that it would be nice if internal links were the same as external ones, so that site users can exchange these links without adapting them to their current location, and the links will still resolve to the same site.

I have succeeded in making a "service.company.example.com" DNS name resolvable from either side, but now they want it to be "service.example.com" from either side. It's also desired that the internal traffic should not go through the ISA server.

I think this can be implemented by making a "service.example.com" DNS record inside that refers to the existing internal web server "service.company.example.com", while the "service.example.com" record on the public DNS resolves to the ISA server's IP, as it does now, and then ISA will redirect requests inside on its own.

But I am unable to create such a record on the DNS, as the AD domain is built at the third level (no parent domain in the forest! Otherwise it would be doable) and the record needs to be at the second level of the DNS hierarchy.

How can I make the third-level domain link available without resolving to an external address?

1 Answer

Ended up registering a new DNS zone "service.example.com" on the DC with an @ record pointing at the web server's internal IP address. Essentially a split-DNS configuration. No alteration of the public DNS zone is needed.
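
The zone described in the answer above, sketched with the Windows DnsServer PowerShell module. This is an added example, not the answerer's own commands; the address 10.0.0.10 is a constructed placeholder for the web server's internal IP, and the replication scope and dynamic-update settings are assumptions.

```powershell
# Run in an elevated session with the DnsServer module available (installed on the DC
# or via RSAT). Names are taken from the question; the IP is a constructed placeholder.
$Zone       = 'service.example.com'     # pinpoint zone: covers this one name, not all of example.com
$InternalIp = '10.0.0.10'               # ASSUMPTION: placeholder for the internal web server's IP
$Dc         = 'dc.company.example.com'

# Create the AD-integrated zone only if it does not exist yet.
# DynamicUpdate None (assumed choice): no client can register records in this zone.
if (-not (Get-DnsServerZone -Name $Zone -ComputerName $Dc -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $Zone -ReplicationScope 'Domain' `
        -DynamicUpdate 'None' -ComputerName $Dc
}

# Add the apex (@) A record pointing at the internal web server, if it is missing.
$apex = Get-DnsServerResourceRecord -ZoneName $Zone -Name '@' -RRType 'A' `
    -ComputerName $Dc -ErrorAction SilentlyContinue
if (-not $apex) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name '@' `
        -IPv4Address $InternalIp -ComputerName $Dc
}

# Check 1: internal clients asking the DC get the internal address, so their
# traffic does not pass through the ISA server.
$answer = Resolve-DnsName -Name $Zone -Type A -Server $Dc -DnsOnly
if ($answer.IPAddress -notcontains $InternalIp) {
    Write-Warning "$Zone does not resolve to $InternalIp on $Dc"
}

# Check 2: other example.com names are not shadowed. The DC is authoritative only
# for service.example.com, so this query should still be answered from public DNS
# (assumes the DC has working forwarders or root hints).
Resolve-DnsName -Name 'ns.example.com' -Type A -Server $Dc -DnsOnly

# Caveat: the DC now answers authoritatively for everything under
# service.example.com. A name such as www.service.example.com that exists only in
# public DNS will return NXDOMAIN internally until it is added to this zone too.
```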
