Domain naming conventions/best practices.  Will be deploying Exchange.

Posted on 2004-10-30
Last Modified: 2010-04-19
I work for a company that is technically "one" company located in two different cities.  Both offices are so independant of each other.  They actually act like two separate companies.  They have separate IT infratructure, separate payroll and account and separate revenue.  Which may be changing.

I have created a domain for one city last year and was told at that time, that the two cities would never need to have a common netowrk infrastructure.  (I did state my case on why they should be and was informed that if the other city chose to create an AD they would be in their own separate forest and domain and manageit their own way).   So with that being said, I created my domain name based on with the knowledge that the two offices will never need any sort of common IT infrastructure.  I figured it was a nice designation of the single network.

Now that management in the other city has changed, the company is evolving and resources from both offices needing access to IT resources in both cities, the talk of deploying exchange corporate wide is now on the table.  The other city will be creating a domain in order to deploy exchange and I've been tasked to lead this whole creation.

With that being said, what would be the best naming convention/deployment solution for the new network.

I would love to rename my domain to and have two sites in one domain (one in each city), but that is not an option.  I have thought about this and since I have never worked in a multi domained environement (and never deployed one) I would love some feedback.

Can the other domain be the same one I have created ( and still be part of the same forest?  

I "think" that with the corp in the front and users logging into "corp", it will not know if it's city1, or city2.  That's my concern.

Or should I rename mine to and the new domain to  Thius making people logging into their respective cities, which is their respective domain.

Question by:crazycanuck42
    LVL 104

    Expert Comment

    Depending on the resources I would consider a single forest, mutiple domain model.
    Have three domains - one for each city and a single resource domain. The resource domain contains the Exchange server and anything else that needs to be shared by all users (perhaps finance and file servers at a later date). It doesn't contain any users.
    The users have their accounts in the city domain but can access other resources in the other domain, depending on the permissions that have been set.

    You cannot have two domains both called corp, so you should change them to just city1, city2 etc. It puzzles me as to why you used a sub sub domain anyway. If I was setting it up, I would have used the main domain ( or at most a single sub domain - perhaps "".

    However this all depends on how large the two sites are and what kind of connection is available between the two sites. If we are talking 15 users per office, then it is a total overkill and I would go for a single domain model, with each office having its own dc and possibly Exchange server.
    If we are talking 200 users per office, then perhaps either of the scenarios are justified.

    Yet if the link between the two sites can only be a wet bit of string at best, then a different model, perhaps seperate domains with trusts might be the better option.

    LVL 11

    Expert Comment

    other considerations:
    if you want a complete isolated enviroment, you need 2 forests.
    if you have w2k3 domains, you can establish forest trusts to connect them and use the ad's of both.
    (but they must have different names)
    the easier to administer solution will be a single-domain model and usage of sites.
    to serve your spn login needs, you have to make a 3 domain model (root and one domain per site)

    Author Comment

    Thanks Sembee... the reson for the sub domain was decided upon well before I got here.  I wanted just but that collided with some other naming convention that was in place.  Also, it was mentioned that within the city would separate into two companies with two networks, but now that's not going to happen.  

    In the three domain model, would I need an exhange front end server with a DC in and two backend exchange with DC's in and

    The link between the offices are basically unlimited.  Right now it's on a 10 MB lan extension, but we actually have OC12 lines connecting the office that I can tap some bandwidth from.  We have about 100 users in each city and 10 more in a third city connected through dual T1.  

    What would be the best naming convention with the three domain model?  It has already been agreed that the two forest model is not an option.  I would prefer the one domain model, but I don't hink that would get approval.  Can I get away with a two domain model?  
    LVL 104

    Accepted Solution

    If you went the three domain, single forest model, then all the Exchange resources would sit in the third resource domain - even if this meant that there was an Exchange server in both offices. The problem with this model is hardware. If you went down that path it would require at least eight servers, and that is without redundancy.

    Resource domain.
    2 x DC (one in each office)
    2 x Exchange (one in each office)

    City 1 Domain
    1 x DC
    1 x File and everything else server

    City 2 Domain
    1 x DC
    1 x File and everything else server.

    Ideally you should have two domain controllers in each domain.

    As for Exchange, a front-end server provides resources for the backend servers, and cannot serve more than one domain. Therefore it would either have to serve Exchange servers in the same domain, or you would need two front-ends, one for each domain. It depends on the model you go for.

    However with only 100 users in each city, I would probably consider a single domain, single forest scenario.
    Exchange server and DCs in each office to keep the internetwork traffic down. The users can move between offices quite happily and access resources in both sites.
    If you need to create login scripts, drive mappings etc, then there are techniques that can be used to identify what site a user is on, or which site they belong to and fire settings appropriately.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone. Privacy Policy Terms of Use

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
    Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
    This video discusses moving either the default database or any database to a new volume.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    875 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now