Community Pick: Many members of our community have endorsed this article.
Editor's Choice: This article has been selected by our editors as an exceptional contribution.

Choosing the correct domain name

Glen KnightLead Techical Consultant


Domain Names are a critical part of your Windows Environment. The DNS (Domain Name System) is a foundation upon which Active Directories and Resources rely upon. It can be a real problem if you need to go back and change your Domain Name.

So, before building your Windows domain it is important to choose the “correct” domain name.  Wherever possible you need to try and plan ahead, of course you cannot plan for company name changes or, a take over in years to come, because you simply don’t know about them.  But….we can plan to be flexible, and we must consider technical and ownership issues at the same time.

Choosing your domain name

Whilst most people believe that the internal windows domain name needs to be something.local this isn’t strictly true.  While it is often easier if the suffix is .local, strictly speaking, it doesn’t have to be. Let’s consider that point…

Some of the largest enterprises in the world use their external domain name on their internal network.  The most important consideration is that if you use that you actually own

Why is this important? One of the main reasons that this is becoming a problem in recent days is because of 3rd Party SSL Certificates that are used to secure Small Business Server and/or Exchange 2007/2010.  One of the default requirements for these systems is using the internal fully qualified domain name of your Exchange Server.

So by way of example let’s say you have an internal domain name of and your external domain name is

When setting up an Exchange 2007/2010 server you would need to request an SSL Certificate that contained the following names:
When you request a certificate with these names in the first thing the Certificate Authority (CA) will do is perform a WHOIS lookup on the names you have requested. Anything will show as your company owning the registration.  EXCHANGSERVER isn’t a problem because this is recognised as the CA as an internal name.  

However when the CA performs a WHOIS lookup on they find that the registrant of this domain is a different company and therefore send them a request to authorise the name. Worse, if they don't find a registrant for the domain then it is removed from the certificate request.

Can you see the problem?  If you own then by all means use it in your internal domain name.  If you don’t own it then don’t use it.

This is why most consultants will opt to use the .local suffix on internal domains.  Because when the CA receives a request .local they know it’s not an internet suffix and they will authorise it.

Now what about the dreaded company rename?.....Another common misconception is that when setting up a Windows Domain you must use the domain name for which you want to receive email for.  This is completely untrue.

You can configure Small Business Server and all versions of Microsoft Exchange Server to receive emails for any domain name, regardless of your internal domain name.

So let us now consider calling your internal domain name mydomain.local?
It is not linked to a specific company name
it will allow you to receive emails for your email domain
if you change your company name you don’t need to worry about trying to change the domain name so the new owner (or existing one) doesn’t have to see the old company name day in day out?
because it has a .local suffix you will never run in to problems in the future with SSL Certificates


With wider use of SSL certificates and a few common misconceptions created by the industry, it is important to deliberate over your internal domain name selection.  It’s also important to think ahead.  

What might be a good idea or even a bit of a laugh now, could come back to bite you in the rear in a few year's time. So, be careful and conservative when choosing your name.

I personally like to give my domains something non-descript, because I do a lot of work for small businesses which can and often do get taken over.  I had one company that was bought out twice within the space of 3 years.  I also had one company that split in to 2 companies and then both renamed themselves.

It can get messy and especially with Small Business Server where the internal domain name cannot be renamed, it can be impractical to use company specific domain names.

Of course there is always the case where the owner wants this but it’s our job as consultants to advise them why this isn’t a good idea.  And if they still want it then get it in writing :)
Glen KnightLead Techical Consultant

Comments (8)

Glen KnightLead Techical Consultant
Author of the Year 2010
Top Expert 2010


In what way?
your perspective on internal and external domain name is interesting  ,although  i think that to decrease the overhead i would recommend to use an  internal domain name even if the owner has a external domain name because we never know what he will want in the future
Glen KnightLead Techical Consultant
Author of the Year 2010
Top Expert 2010


Which is pretty much what I said in my article, which part do you not agree with?
kevinhsiehNetwork Engineer
Distinguished Expert 2021

It looks like Office 365 can have issues if you use mydomain.local. See

View More

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.