Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Best Practice for Setting up Domain Controller + DNS Server with FQDN

Posted on 2011-03-13
5
Medium Priority
?
1,922 Views
Last Modified: 2012-06-21
HI there,

I'm setting up a new Domain Controller, DNS, DHCP server from scratch. I'm wanting to do it in the best manner possible. I've been told that using proper FQDN is the best practice for several reasons. I attempted to use our FQDN 'mrdomain.co.nz' as the Domain Controller name, this also happens to be domain of our website (and company). This went through fine. However, i'm concerned this may not be the best practice as i've had a few wee issues with DNS & DHCP.
I'm interesting in hearing the pro's and con's of this method also.


I'm looking for some advice in this manner, and I'm sure more info will need to be provided.

Many thanks
0
Comment
Question by:lemonville
  • 3
5 Comments
 
LVL 7

Expert Comment

by:OxygenITSolutions
ID: 35123645
Everyone is going to have different opinions so I'll just share some of my thoughts.

Search for technet Domain Controller best practices. Plenty of info around.

With 2008, if you are using a single disk system, I am finding using one big C drive is the best option.
Also use something like mrdomain.local or mrdomain.priv . Not best practice to use your public domain name.

Think about your backup Domain Contoller.

Make sure your structure is adequate and think about your naming conventions.

Finally, don't be afraid to wipe your DC if you are not comfortable. It's good practice and cleaner.

Good Luck!!
0
 
LVL 1

Author Comment

by:lemonville
ID: 35123782
Thanks for that.

Regarding your statement on not using a public domain name. Is there any reason for this in particular? Do some people use it?

The other items we are all sorted on.
0
 
LVL 7

Expert Comment

by:OxygenITSolutions
ID: 35123792
Basically, you do not want your Private Infrastructure directly accessible from the internet.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 2000 total points
ID: 35123922
Doesn't really matter if you use your external domain name internally this will not affect your security of your internal domain. There are some pains on having same internal and external domain name though when it comes to DNS and resolving your external domain website if you have one. You can fix this with some DNS records though and an IIS redirect.


http://oddjobsintech.com/active-directory-tip-access-external-website-with-the-same-domain-name-as-your-internal-domain/

Read this article tells you not recommended because of DNS issues but again they can be fixed.

http://technet.microsoft.com/en-us/library/cc755946(WS.10).aspx
0
 
LVL 7

Expert Comment

by:OxygenITSolutions
ID: 35153588
Guy asked for best practices, not security. Best practice is to not use your External Domain Name. You now have an environment you need to patch and hack to get to your website. Very messy. I think you heard what you wanted to hear.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question