Some questions regarding the domain name of Windows 2003 Active Directory

Posted on 2004-11-07
Last Modified: 2010-04-19
Dear all experts,

  Last Saturday, I upgraded my Windows NT 4 domain to Windows 2003 Active Directory and it seems everything works fine.  However, I found that I did one thing wrong which is related to the internal domain name of my Active Directory.

  My friend told me that in order to create an Active Directory, the internal domain name should contain a word named "local", for example if the NetBIOS domain name is "microsoft", the AD domain name should be  I miss a word "local".  He told me that adding the word "local" should prevent the conflict between the internal domain name and the external domain name.

  Now, I have the following questions and hope all the experts can give me some advice:

  - Should I use the domain rename tools to rename my internal domain name?
  - By using this tool, will it bring me another problem?  It seems there will be a lot of changes to the registry and DNS, and I'm afraid it will bring me another problem.
  - If I keep using the old internal domain name, will it bring me big trouble?  I'm going to install Exchange 2003 Server and ISA 2004 in this environment.

   Please give me some advice, thank you.

Question by:LegalIT
    LVL 3

    Assisted Solution

    I think what your friend was getting at was using .local as the domain suffix instead of .com, .org, etc.   Your domain name should be microsoft.local instead of   As you've said, it works that way, but I'm not positive how much Exchange is going to like it.  Not too familiar with the domain rename tools but it's probably your only option right now besides doing a complete reinstall.  Definitely make sure you have a good backup and do this on the weekend so you have time to recover if necessary.  Using a .local shouldn't bring you any problems as far as Exchange sending and receiving mail, etc.  I use it on a few of my clients and have never had a problem.  As long as your DNS points to the right address you should be fine.
    LVL 70

    Assisted Solution

    by:Chris Dent

    The main reason the .local (or any other private suffix) is suggested over the use of a public one is the administrative overhead of maintaining a copy of your Public DNS Records internally.

    That is, imagine you have a website hosted by an ISP on with a www entry on your external DNS. Because your internal server doesn't know anything about the www address it will say it doesn't exist to internal clients. This www address would have to be manually added to your own DNS to get it to work again internally.

    The use of a .local suffix bypasses this because your server is no longer responsible for, instead it owns mydomain.local so the public requests go off to the authority for the domain (most often your ISP's DNS).

    Exchange won't mind what domain name you use really as long as it can happily resolve external addresses. Of course if you do use .local then you will have to change the Default Recipient Policy to the .com (or other public suffix) variant so your users have the correct e-mail addressing on their accounts (this should be checked either way really).

    So, depending on how far into the Domain Setup you are I wouldn't recommend changing the name unless you feel the administrative overhead of manually updating the internal DNS with external records is too high. The Domain Rename tool is an option, but the process isn't all that easy (unless you have a lot of experience).

    For the rest I think Cnewgaard has it covered :)
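
The behaviour Chris Dent describes above, as an added example that is not part of the original thread: a small Python model of an internal DNS server that answers authoritatively for the zones it hosts and forwards everything else. The zone names, host names and addresses are constructed placeholders, and `resolve` and `missing_internally` are hypothetical helpers, not a real DNS API.

```python
# Constructed sample data: example.com / example.local and the addresses
# below are placeholders, not values from the thread.
PUBLIC_DNS = {
    "example.com": {"www": "203.0.113.10", "mail": "203.0.113.25"},
}


def find_zone(fqdn, zones):
    """Return the longest zone name in `zones` that contains fqdn, or None."""
    matches = [z for z in zones if fqdn == z or fqdn.endswith("." + z)]
    return max(matches, key=len) if matches else None


def lookup(fqdn, zones):
    """Return (zone, address); address is None if the host is not in the zone."""
    zone = find_zone(fqdn, zones)
    if zone is None:
        return None, None
    host = "@" if fqdn == zone else fqdn[: -len(zone) - 1]
    return zone, zones[zone].get(host)


def resolve(fqdn, internal_zones, public=PUBLIC_DNS):
    """Resolve a name the way an internal DNS server would.

    A server that hosts the zone answers from its own data only, so a
    missing record is NXDOMAIN even if the public zone has it. Names in
    zones it does not host are forwarded to the public authority.
    """
    zone, addr = lookup(fqdn, internal_zones)
    if zone is not None:
        return ("authoritative", addr or "NXDOMAIN")
    _, addr = lookup(fqdn, public)
    return ("forwarded", addr or "NXDOMAIN")


def missing_internally(internal_zones, public=PUBLIC_DNS):
    """List public records that must be copied into the internal zone by hand."""
    missing = []
    for zone, records in public.items():
        if zone in internal_zones:
            missing += [f"{h}.{zone}" for h in records
                        if h not in internal_zones[zone]]
    return sorted(missing)


# AD domain named the same as the public domain vs. a private suffix.
SAME_NAME = {"example.com": {"dc1": "10.0.0.5"}}
PRIVATE_SUFFIX = {"example.local": {"dc1": "10.0.0.5"}}
```

Running `missing_internally(SAME_NAME)` gives the list of public records an administrator would have to maintain by hand in the internal zone; with `PRIVATE_SUFFIX` that list is empty.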
    LVL 18

    Accepted Solution

    The company I work for has over 200 sites with some hundreds of servers and over 4000 workstations, and the internal and external domain name is the same, no problem. No one from the outside can access the internal network, because of the firewall configurations, and no zone transfer is done in DNS between the internal part of the domain and the outside world.

    In other words, you haven't done anything wrong, as the other experts have emphasised.

    Author Comment

    Thanks all experts
