DNS Namespace

Posted on 2007-03-25
Last Modified: 2010-03-17
Hi I have recently inhertited a 2003 AD that has a DNS zone already created for network naming. Thing is its  created with a .com zone ie the external domain and not the usual .local you'd see. Now this company do not host there own dns/web servers. so what i was wondering is there are handy way to reconfigure this zone with a .local domain instead of the .com. without losing anything or disturbing network users?
Question by:georgemildred
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 48

Expert Comment

ID: 18789822

nope that would be a complete rename of your domain which you dont want to go down :)


LVL 25

Expert Comment

ID: 18789841
there is nothing wrong with having a .com DNS name for an AD domain.  Some engineers do it like that and some do it with the .local namespace.  They both have their pros and cons, but they will both work fine as long as they are setup correctly.  There are many threads about this topic on EE where people vent about one is correct and the other is not.... since they both work fine, they are both correct IMO. I would advise you to leave it alone as Jay Jay did.  I actually like having the same internal and external DNS name myself.


Author Comment

ID: 18792012
but will this not cause hassle for users. will it slow anything down?
when you say setup right is there anything special on a zone created with a .com instead of a .local that i shoul be looking for?

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 25

Expert Comment

ID: 18797552
>>but will this not cause hassle for users. will it slow anything down?
no,, actually it will be faster since they can resolve dns queries for 'your domain' locally 100% of the time.  with a .local and a .com namespace the .com DNS server may be offsite since it is a 'public' DNS server,,, if you use the same namepace for both, they will both be resolved locally on your 'internal .com" DNS server.  As far as the hasssle issue for users, it is actually easier for users IMO since they will ALLWAYS use the .com address.  For example, if .local and .com are used, then users will need to go to mail.domain.local when they are internal and when they are external (thus remembering two URLs for everything).  If you use .com internally, then they can access their mail both internally and externally in the exact same way ( Assuming you have it setup correctly of course.

the important thing is just to create the A records correctly.  On your internal DNS server needs to point to the IP address that your users 'hit' your mail server from the inside on.  on your external DNS server you need to create the A record that external users access your mail server on.  THese may or may not be the same IP depending on your setup.

Author Comment

ID: 18837651
ok so i am expericing a problem a the moment wereas this domain is called which has its own 2003 dns server internal, and all seems well until users try hit the company website which is also and the website is hosted by our isp. what woudl i need to add to my internal dns server to avoid this page cannot be displayed thing when users from the internal try to access the company web site

LVL 25

Accepted Solution

mikeleebrla earned 500 total points
ID: 18837687
all you need to do is create an "A" aka host record on your internal DNS server for the host 'www' and point that A record to the external IP of your www server that is hosted by your ISP.  that way whenever internal clients to an NSLOOKUP it will resolve to the public IP, just as when they are not 'in' your network.


Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question