Solved

Best Practice for Setting up Domain Controller + DNS Server with FQDN

Posted on 2011-03-13
5
1,896 Views
Last Modified: 2012-06-21
HI there,

I'm setting up a new Domain Controller, DNS, DHCP server from scratch. I'm wanting to do it in the best manner possible. I've been told that using proper FQDN is the best practice for several reasons. I attempted to use our FQDN 'mrdomain.co.nz' as the Domain Controller name, this also happens to be domain of our website (and company). This went through fine. However, i'm concerned this may not be the best practice as i've had a few wee issues with DNS & DHCP.
I'm interesting in hearing the pro's and con's of this method also.


I'm looking for some advice in this manner, and I'm sure more info will need to be provided.

Many thanks
0
Comment
Question by:lemonville
  • 3
5 Comments
 
LVL 7

Expert Comment

by:OxygenITSolutions
Comment Utility
Everyone is going to have different opinions so I'll just share some of my thoughts.

Search for technet Domain Controller best practices. Plenty of info around.

With 2008, if you are using a single disk system, I am finding using one big C drive is the best option.
Also use something like mrdomain.local or mrdomain.priv . Not best practice to use your public domain name.

Think about your backup Domain Contoller.

Make sure your structure is adequate and think about your naming conventions.

Finally, don't be afraid to wipe your DC if you are not comfortable. It's good practice and cleaner.

Good Luck!!
0
 
LVL 1

Author Comment

by:lemonville
Comment Utility
Thanks for that.

Regarding your statement on not using a public domain name. Is there any reason for this in particular? Do some people use it?

The other items we are all sorted on.
0
 
LVL 7

Expert Comment

by:OxygenITSolutions
Comment Utility
Basically, you do not want your Private Infrastructure directly accessible from the internet.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
Comment Utility
Doesn't really matter if you use your external domain name internally this will not affect your security of your internal domain. There are some pains on having same internal and external domain name though when it comes to DNS and resolving your external domain website if you have one. You can fix this with some DNS records though and an IIS redirect.


http://oddjobsintech.com/active-directory-tip-access-external-website-with-the-same-domain-name-as-your-internal-domain/

Read this article tells you not recommended because of DNS issues but again they can be fixed.

http://technet.microsoft.com/en-us/library/cc755946(WS.10).aspx
0
 
LVL 7

Expert Comment

by:OxygenITSolutions
Comment Utility
Guy asked for best practices, not security. Best practice is to not use your External Domain Name. You now have an environment you need to patch and hack to get to your website. Very messy. I think you heard what you wanted to hear.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now