HDWILKINS

DNS, Active Directory question

I have a new client who has an Internet Domain:  xyz.com.  They both publish a web page and have an e-mail server at a remote site.

Looking at their server today (which has never really been set up correctly) I noticed that the Windows 2000 domain seems to be named xyz.com.  This is a single server environment with 20 workstations on non-routable IPs behind a Linksys Router.

It seems to me that this is a conflict with DNS.  Am I correct about this?  Shouldn't the domain have been something like officelan.xyz.com?

Harry
ASKER CERTIFIED SOLUTION
adowns

Hey guys, good question..
The answer, No.. It's a bad planning move, it does cause resolution problems, & will limit security options if you'd want to host active directory integrated dns zones and internet zones as well.
-Think about this... If your first domain controller had internet access at the time you ran dcpromo and chose to use a dns domain name that existed on the internet, you would not have been able to use the name..
-Using platt.lan or hq.platt.com guarantees no conflict with an existing internet domain.
There are no problems if the following conditions are met:

* All DCs are available from both the internet as well as the intranet.

* All DNS servers for that internet domain (for instance, xyz.com) must be members of the windows domain and get their data from the AD. This will guarantee that the DNS records returned are correct.

* You do not use the pure domain name as name for other services (e.g. http://xyz.com/ must not be used, but http://www.xyz.com/ can be used).

* Clients must not have names conflicting with services (e.g. you must not call a client "WWW" if you want to use "www.xyz.com" for a service).

If these are met, you should have no problems at all.
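An added example, not part of the thread or any poster's code: a small audit over constructed zone data for xyz.com that checks the conditions listed above (bare domain name, client names versus service names) and the resolution gap raised in the earlier comment. Every address, host name and the function name is an assumption made for illustration.

```python
# Added example: all zone data below is constructed, not taken from a real network.
AD_DOMAIN = "xyz.com"

# Public zone as hosted at the remote site (constructed sample).
PUBLIC_ZONE = {
    "xyz.com": "192.0.2.10",
    "www.xyz.com": "192.0.2.10",
    "mail.xyz.com": "192.0.2.25",
}

# Internal AD-integrated zone on the single DC (constructed sample).
INTERNAL_ZONE = {
    "xyz.com": "192.168.1.2",       # bare domain name registered by the DC itself
    "server1.xyz.com": "192.168.1.2",
    "www.xyz.com": "192.168.1.57",  # dynamic registration from a PC named WWW
}

WORKSTATIONS = ["WWW", "FRONTDESK", "ACCT01"]  # constructed client names


def audit_shared_namespace(domain, public, internal, workstations):
    """Return sorted (kind, name) findings for an AD domain sharing a public DNS name."""
    findings = set()
    suffix = "." + domain
    for name, public_ip in public.items():
        if name != domain and not name.endswith(suffix):
            continue  # outside the AD zone; the DC forwards these queries normally
        internal_ip = internal.get(name)
        if internal_ip is None:
            # LAN clients ask the DC, which is authoritative for the zone
            # and answers "no such name" instead of looking further.
            findings.add(("missing-internally", name))
        elif internal_ip != public_ip:
            kind = "apex-shadowed" if name == domain else "answer-differs"
            findings.add((kind, name))
    # Labels already used for public services, e.g. "www" and "mail".
    service_labels = {n[: -len(suffix)] for n in public if n.endswith(suffix)}
    for host in workstations:
        if host.lower() in service_labels:
            findings.add(("host-collides-with-service", host.lower() + suffix))
    return sorted(findings)


if __name__ == "__main__":
    for kind, name in audit_shared_namespace(
            AD_DOMAIN, PUBLIC_ZONE, INTERNAL_ZONE, WORKSTATIONS):
        print(f"{kind:28} {name}")
```

Run against a delegated name such as officelan.xyz.com, the same audit reports nothing, because none of the public names fall inside the internal zone.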
HDWILKINS

ASKER

I'm accepting adowns' answer because he says that he's done it and it works and I have an existing system that if it ain't broke, I don't want to fix - and - it seems to be working so I'm not going to fix it.

That is not to say that I think it's a bad idea to run the risk of confusing DNS and if I were setting up the machine from scratch, I would have planned it differently.

Thanks everyone

Harry
I agree Harry, I wouldn't change a customer's existing domain name just because it was not the recommended DNS name space choice.