Domain Naming

I am setting up a brand new DC for a new Forrest at a corporate headquarters.  I will be eventually putting in an SQL Server and an Exchange server.  What domain name should I use for this primary DC.  I want to make sure everything resovles properly after I get DNS and Active directory in place.

I set up DCs before on smaller implenmentations, and I am just starting to take my upgrade for my Winnt MCSE, but I don't want to foul this up.  Some had told me to just use the domain name of my company, and other told me this was wrong.

What is best practive?  If I own the Internet domain name "", do I create my domain in DNS as "" in active directory, or should I use a different name.  Should I use, or use something completely different like This site will always be the primary site for AD.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

While Active Directory primarily uses DNS for names to be resolved, it can be entirely seperate from the Internet's DNS - don't forget that the Internet's DNS does not have to proliferate into your internal naming convention.  Many installations will simply use <company>.local or some derivate of the company name.  Note that RFC 2606 deals with top level domain names that have been reserved - as far as I know .local is not reserved, but is logically unlikely to become used on the Internet, so is most likely safe.

If you do decide to use a "live" DNS name for the internal network, then you could run into problems if someone wants to browse/ftp/whatever to the real (presumably external) DNS.

RFC 2606:
Basically you can set it up either way you would like either xyz.local OR  If you set up your DNS correctly both will work fine.  I personally like setting up my registered domain name ( for example) to be the same as my internal DNS name.  IE so they are both  This way users can use the same domain name regardless of if they are on your lan or at home.  Again the trick is setting up your DNS servers correctly.  If you use for both your internal and external DNS name then you internal (AD) dns server will respond to DNS queries with your LANs private address range (192.168.x.x for example).  Your external DNS server would respond with the public IP addresses of your externally exposed servers (mail and WWW).

for example

internal would point to     where is the LAN address of your www server
external would point to            where is the public IP of your www server.

this way everything is transparent to your users  IE they always get to your www server using the exact same dns name ( and there is no messing around with any stuff.
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security OfficerIT Consultant, Network Engineer, Windows Network Administrator, VMware AdministratorCommented:
I tend to like the other route, keeping my internal network seperated from my Internet presence.  While I have as my domain name, my internal network is  I have seen some issues in the past where named the same there were problems, as Barthax states, but then too I have seen them work fine.

It is a call you will have to do.  The nice thing is that if I have and we expand alot, then my fire department, say would be, etc.,  For me it keeps it all organized and logical.

As I said though and as mikeleegria said, you can set it up either way.
something no one has touched on yet is the exchange server, and the email addressing issue.

I do like samccarthy's approach of using a delegated subdomain of your domain name.  i usually set up for my clients, but your situation is unique.  eveyrone has mentioned DNS, and this is the biggest issue for you.  whichever route you go, you're going to run into some kind of trouble.  i'm more worried about the email services you're going to run with exchange.  if you go with yadda.local, you are going to have more configuration to do in order to get your exchange server to accept internet email.  again, going with a delegated subdomain, would prove difficult as well.

personally if security isnt a big issue, go with your company name for your domain name.   this should simplify things later for you with regard to DNS and email addressing.  Just remember that you need to set up your DNS servers to point to external sites for things like: if it is hosted at another location.  if you're hosting everything internally, by all means go with yoru company name.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security OfficerIT Consultant, Network Engineer, Windows Network Administrator, VMware AdministratorCommented:
For Exchange, my MX for my points to my Exchange server on and works fine.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.