Considerations for Setting up Windows Server 2008

Hi EEs,

I have to setup a new Network with Windows Server 2008 with :

* Domain Controller,
* Exchange Server 2007,
* SQL Server 2008,
* Anti Virus Server (Kaspersky / Norton) Windows 2K8,
*  25 Windows XP Clients,

Kindly advice:

Should my domain name be MYDOMAINNAME.LOCAL OR MYDOMAINNAME.COM internally...Which one better?..(I am not going to host any webserver inside my network, only exchange will be hosted & Remote Web Work Plance & OWA will be there for remote users)

Which all Security Policies i must consider for internal  & external logins into my network into my domain?

What can be the password policies for all domain users?

What forest / domain level i need to keep?

What audit policy i need to configure?

How to setup Disk Quota automatically assigned to all domain users at login?

Which all ports I need to keep open & close on DC & Exchange server in a production environment?

What are the pre-requirements for installing 2K8 in new network?

Kindly advice with your experience what all I need to consider while setting up a new network with Windows 2008 server & Exchange 2007 Server....

An earlier reply will be highly appreciated,

Thanks in advanced...


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dxbdxb2009Author Commented:
Any updatessssssss pls.....
Alan CoxSr. Systems Engineer | Lead Microsoft CIE Qualified FacilitatorCommented:
that is a lot of information to sort through. how many servers are you wanting to build? virtual? physical? new exchange organization and new domain? but I would go with .local for internal and setup both .local and .com zones in dns. sever 2008 functioal level if your DCs are only 2008.
1st things I would do is keep a .local domain these days there is little to no benefit to going to .com and it often confuses people so .local is the way to go. as for security policies and password polices the best place to start is to review the security templates which come with windows and perhaps apply one of those to get started with then customize as needed.

here is a link which details the different security templates:
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

dxbdxb2009Author Commented:
thanks acox65807 for your reply,
all 6 servers will be physical,
yes, it will be new org in new domain,
okay...i will go for .local for internal why not .com internally?
which dns server i will put .local & my internal dns(AD) server or the domain name i registered with A name or Hostname)?
Pls advice...for the same...
any strong tech reason why we should not go .com internally & should go for .local internally?
any why thanks for the link for GP i will go through & will updates...
Alan CoxSr. Systems Engineer | Lead Microsoft CIE Qualified FacilitatorCommented:
If you own the domain name, then it will work and some do it. But the preferred method is to have .local (private) for internal. So in your DNS server, you would create an additional zone for your public DNS zone (e.g. The internal zone will be created (.local) when you installed your DC (dc promo, advanced options). DNS servers will replicate, you don't put one zone on one and another on another DNS server. All AD integrated DNS servers will have both zones.
So basically, your first step is to get AD installed, Bring on a new server that will be your DC/GC and run DCpromo (advanced options), New domain in new forest. Then when this is done, go into DNS and add your second foreward look up zone for your .com

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
dxbdxb2009Author Commented:
sorry for delay... per your guidelines i have purchased (from one domain name ... & internal is set to mydomainname.local.
DC has been installed with 2k8 server now pls advice:
* what all i need to configure in my account( for exchange 2k7?
* what are the pre-installation task of exchange 2k7?
* what are the post-installation task of 2k8 dc & windows domain network?
* what are the steps to configure my internal DNS to replicate with outside world?
* which all ports i must remained closed on DC & exchange which will not be used?
* what are the security aspects i must think before creating any object in AD?
* how i would setup a Terminal Server on DC? do you advice i should make TS on DC or I should buy separate hardware for TS for HP thin clients?

 Pls I can go ahead further..

thanks in advance...
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.