Javier196
asked on
Domain Naming
I am setting up a brand new DC for a new forest at a corporate headquarters. I will eventually be putting in an SQL Server and an Exchange server. What domain name should I use for this primary DC? I want to make sure everything resolves properly after I get DNS and Active Directory in place.
I set up DCs before on smaller implementations, and I am just starting to take my upgrade for my WinNT MCSE, but I don't want to foul this up. Some had told me to just use the domain name of my company, and others told me this was wrong.
What is best practice? If I own the Internet domain name "xyz.com", do I create my domain in DNS as "xyz.com" in Active Directory, or should I use a different name? Should I use hq.xyz.com, or use something completely different like hq.xyz? This site will always be the primary site for AD.
Basically you can set it up either way you would like, either xyz.local OR xyz.com. If you set up your DNS correctly, both will work fine. I personally like setting up my registered domain name (xyz.com for example) to be the same as my internal DNS name, i.e. so they are both xyz.com. This way users can use the same domain name regardless of whether they are on your LAN or at home. Again, the trick is setting up your DNS servers correctly. If you use xyz.com for both your internal and external DNS name, then your internal (AD) DNS server will respond to DNS queries with your LAN's private address range (192.168.x.x for example). Your external DNS server would respond with the public IP addresses of your externally exposed servers (mail and WWW).
For example:
Internal would point www.xyz.com to 192.168.1.1, where 192.168.1.1 is the LAN address of your www server.
External would point www.xyz.com to 1.2.3.4, where 1.2.3.4 is the public IP of your www server.
This way everything is transparent to your users, i.e. they always get to your www server using the exact same DNS name (www.xyz.com) and there is no messing around with any www.xyz.local stuff.
I tend to like the other route, keeping my internal network separated from my Internet presence. While I have xyzcity.com as my domain name, my internal network is cityhall.xyzcity.com. I have seen some issues in the past where, when they were named the same, there were problems, as Barthax states, but then too I have seen them work fine.
It is a call you will have to make. The nice thing is that if I have cityhall.xyzcity.com and we expand a lot, then my fire department, say, would be firedept.xyzcity.com, etc. For me it keeps it all organized and logical.
As I said though and as mikeleegria said, you can set it up either way.
For Exchange, my MX for my xyzcity.com points to my Exchange server on cityhall.xyzcity.com and works fine.
If you do decide to use a "live" DNS name for the internal network, then you could run into problems if someone wants to browse/ftp/whatever to the real (presumably external) DNS.
RFC 2606: http://www.ietf.org/rfc/rfc2606.txt?number=2606
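An added example, not part of any post in this thread: when the internal AD zone and the public zone share the name xyz.com, the internal server is authoritative for that name, so a host that exists only in the public zone does not resolve for LAN clients. This sketch audits two exported record sets for that gap and for private addresses published externally; the zone contents and the function name `audit_split_dns` are constructed for illustration.

```python
import ipaddress

# Constructed sample data (name -> set of A-record addresses); not from the thread.
INTERNAL_ZONE = {
    "www.xyz.com": {"192.168.1.1"},
    "mail.xyz.com": {"192.168.1.2"},
    "vpn.xyz.com": {"192.168.1.20"},
    "DC1.xyz.com.": {"192.168.1.10"},
}
EXTERNAL_ZONE = {
    "www.xyz.com": {"1.2.3.4"},
    "mail.xyz.com": {"1.2.3.5"},
    "ftp.xyz.com": {"1.2.3.6"},       # hosted outside, never added to the internal zone
    "vpn.xyz.com": {"192.168.1.20"},  # LAN address published externally by mistake
}


def _normalize(zone):
    """Lower-case names and drop the trailing root dot so both views compare equal."""
    return {name.rstrip(".").lower(): set(addrs) for name, addrs in zone.items()}


def audit_split_dns(internal, external):
    """Compare the internal and external views of one split-DNS zone."""
    inside, outside = _normalize(internal), _normalize(external)
    return {
        # Public names the internal (authoritative) server cannot answer:
        # LAN clients fail to resolve these until a matching record is added.
        "unreachable_inside": sorted(set(outside) - set(inside)),
        # Private (RFC 1918 and similar) addresses exposed in the public zone.
        "private_leaked": sorted(
            (name, addr)
            for name, addrs in outside.items()
            for addr in addrs
            if ipaddress.ip_address(addr).is_private
        ),
        # Internal-only names (DCs, file servers); expected, listed for review.
        "internal_only": sorted(set(inside) - set(outside)),
    }


if __name__ == "__main__":
    for finding, items in audit_split_dns(INTERNAL_ZONE, EXTERNAL_ZONE).items():
        print(f"{finding}: {items}")
```

With a delegated child name such as hq.xyz.com the first finding cannot occur, because the internal server is not authoritative for the parent zone.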