Active Directory Naming, internet name or not.

I'm about to install a new directory into a new business. They own the internet domain name for their company and will be running an email exchange internally.

My question is, should I name the AD domain as the internet domain or not, i.e. people's logins to the AD will be the same as their email address.

I heard several people tell me it's best to do it both ways, and I'm unsure of the pros and cons of doing it.
robomonkey Asked:
 
JamesDS Commented:
robomonkey
DO NOT name the AD domain the same as your DNS domain.

If your domain is QUANGO.COM then best practice is QUANGO.LOCAL
You then set the Exchange server to route email for QUANGO.COM and as long as the MX records are in place for QUANGO.COM then everything will work fine.

The reason for this is to avoid SPLIT HORIZON DNS where you have to resolve machines on the same domain that are not on your local subnets. This is not insurmountable, but is a pain in the ass that you don't have if the internal and external domain is different.

Cheers

JamesDS
0
 
robomonkey (Author) Commented:
Does it make much difference if I change the AD name completely to QUGO, for example? I assume that the .local replaces the .com and it's not quango.local.com?
0
 
JamesDS Commented:
robomonkey
No, as long as the two are different, then there is no issue whatsoever. You ONLY ever see the SPLIT HORIZON DNS issue when the internal and external domain names are exactly the same.

Yes, I did mean the .com is replaced by the .local. Actually quango.local.com would work too, but because it's three DNS levels and not 2 like quango.local it would slightly complicate your forward lookup zone hierarchy and forwarded queries would be slightly less efficient if you chose to use the "append suffix of parent domain" option in your TCP settings.

However, you should stick with "something.somethingelse" (like QUANGO.LOCAL) for your internal AD domain as AD has trouble with single name domains (i.e. just QUANGO).

Cheers

JamesDS
0
 
JamesDS Commented:
robomonkey
Also it is a good idea to use the .LOCAL moniker as the IETF has said it will never use the .LOCAL as an internet available top level domain name - i.e. it has been "officially" reserved as internal use only.

Cheers

JamesDS
0
 
robomonkey (Author) Commented:
Brilliant James, thank you,

One last question: if I have an install CD which says Microsoft Windows 2003 Standard Edition, is that a small business CD or the complete 2003 Server edition? I'm supposed to have small business install but not too sure.
0
 
berni1234 Commented:
I have the same names for AD and internet.
The only problem which occurred in my situation was that internal users could not resolve the DNS name for our webpage, so I created a www entry on the (internal) DNS and all works ...
0
 
JamesDS Commented:
robomonkey
Microsoft Windows 2003 Standard Edition is NOT the same as Windows Small Business Server 2003 which is a different product.

Microsoft Windows 2003 Standard Edition is suitable for installing in places where you don't have to cluster the server with lots of nodes and don't have to have massive (like 8GB+) RAM.

If all you want is an Active Directory installation on a server (or servers) then this is fine. If you want to run a complete business off a single server with AD, Exchange, ISA, IIS and SQL Server all installed together then you need SBS 2003.

Cheers

JamesDS
0
 
JamesDS Commented:
berni1234
Yup, that would be the split horizon DNS problem.

You can partially solve it by putting in hosts entries for your web and other servers (hosted externally), which is what you did.

This is fine when you only have a few webservers to deal with, but becomes a serious pain if you have an entire infrastructure externally hosted and with a DNS infrastructure not under your direct control. Hence my advice.

There are other complications around remote access etc, but these do not usually affect the small business and large companies tend to ensure that their internal and external DNS domains are different.

Trust me, I design this stuff for a living :)

Cheers

JamesDS
0
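
The split-horizon behaviour discussed in this thread, as an added example that is not part of the original posts: a small Python model of an internal DNS server that answers its own AD zone locally and forwards everything else. Apart from QUANGO.COM and QUANGO.LOCAL, the host names, all IP addresses and the function names are constructed for illustration.

```python
# Added illustration; every record below is constructed sample data.
# Public zone for the company's Internet domain, as the outside world sees it.
PUBLIC = {
    "quango.com": "203.0.113.10",
    "www.quango.com": "203.0.113.10",
    "mail.quango.com": "203.0.113.25",
    "shop.quango.com": "203.0.113.40",
}

# Internal AD zone when AD is named the same as the Internet domain.
AD_SAME_NAME = {"quango.com": "10.0.0.5", "dc1.quango.com": "10.0.0.5"}
# Internal AD zone when AD uses a different name (QUANGO.LOCAL).
AD_LOCAL = {"quango.local": "10.0.0.5", "dc1.quango.local": "10.0.0.5"}


def in_zone(name, zone):
    """True if name is the zone apex or sits underneath it."""
    return name == zone or name.endswith("." + zone)


def resolve_internal(name, zone, records):
    """Answer as an internal DNS server authoritative for `zone` would.

    Names inside the zone are answered from local records only, so a miss
    is NXDOMAIN (None) and is never forwarded. Other names are forwarded
    to public DNS.
    """
    name = name.lower().rstrip(".")
    if in_zone(name, zone):
        return records.get(name)
    return PUBLIC.get(name)


def shadowed_names(zone, records):
    """Public names that internal clients cannot resolve (split horizon)."""
    return sorted(n for n in PUBLIC if in_zone(n, zone) and n not in records)


if __name__ == "__main__":
    print("same name :", shadowed_names("quango.com", AD_SAME_NAME))
    # Manual fix described in the thread: add a www entry on the internal DNS.
    patched = {**AD_SAME_NAME, "www.quango.com": PUBLIC["www.quango.com"]}
    print("www added :", shadowed_names("quango.com", patched))
    print("AD .local :", shadowed_names("quango.local", AD_LOCAL))
    print("www lookup:", resolve_internal("www.quango.com", "quango.local", AD_LOCAL))
```

Every name in the first list needs its own manually maintained internal record, which is the upkeep the thread describes for same-name domains.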
 
robomonkey (Author) Commented:
OK, I definitely have Server 2003 Standard.

Does that mean I have to buy stuff like Exchange, ISA, separately?

Am I correct in saying SBS is a cut down version of Server 2003, but with lots of extras like Exchange, ISA, included?

I also have Office Small Business edition, what effect if any will that have?

Sorry to drift so far from the original question.
0
 
robomonkey (Author) Commented:
If I click 'configure your server' I can install 'mail server (pop3, smtp)'. What's that and how does it work? Does it check internet mail addresses and download the messages to be opened locally?
0
 
JamesDS Commented:
robomonkey
Too many questions, post a new Q on EE!

Yes, you will need to buy Exchange, ISA if you want them as well.
No, Office SBE has no effect and is an unrelated product.

Sort of, report into the Windows Server 2003 area and get a better answer there!


Cheers

JamesDS
0
Question has a verified solution.
