Adding first Windows 2012 DC to existing domain using internal domain name same as public domain name

Current domain in Windows 2003.   The internal domain name is xx.com (xx=their public domain name).  There are approx 50 computers on the domain.

I know for creating new internal domain names, it is not recommended to use the public domain name (this was set up many years ago before this was known to be a future issue).

I am not sure if I should just ignore the "delegation for this dns server cannot be created" message and continue using the public domain name as the internal domain name (has never been a problem) or should I change the internal name from xx.com to sub.xx.com which I know is recommended by Microsoft.  Trying to avoid this path due to the obvious disruption and the amount of work involved.
humphrey06 Asked:

JAN PAKULA, ICT Infrastructure Manager, Commented:
I kept mine the same, and it works perfectly.

You will have to create a split DNS though, so your internal DNS servers point to internal IP addresses and your external DNS server advertisers (like an account with fasthosts.co.uk, which is free of charge and where you can modify your external DNS as you like) point to your external IP addresses (you should get a few static IPs from your ISP), which are then, using your firewall or router NAT policy, translated to your internal IP addresses.
 

http://www.isaserver.org/articles-tutorials/installation-planning/You_Need_to_Create_a_Split_DNS.html

humphrey06 (Author) Commented:
Thanks for your comments.  

I typically set up split DNS when installing new Exchange Servers where the internal and external domain names are different (e.g. domain.local versus domain.com) in order to make the certificates and autodiscover records, etc. work.

However, since both internal and external are both named domain.com, for this particular site, I have been using only the local zone, domain.com, and manually adding the www.domain.com host record to point to the external website while all other records are pointing to the servers and various workstations internally - all within the same zone on our internal DNS servers.

I'm not sure how the split DNS would be set up in this case.

Please clarify.  Thanks!

humphrey06 (Author) Commented:
One more note that may be important.  We do not publish our DNS servers to the Internet.  Our primary domain.com zone is hosted externally by our ISP.  Also, our website is being hosted externally.

This is the reason that I added the www record to our internal DNS servers so that the internal computers within the network could access the website properly.

JAN PAKULA, ICT Infrastructure Manager, Commented:
Who holds your external DNS records for your www. address?

Can you access and change your external DNS records?

humphrey06 (Author) Commented:
Our ISP.  I can change them.

JAN PAKULA, ICT Infrastructure Manager, Commented:
Can you add any extra ones? Like remote. or ova. or files.

Then you point them to your firewall virtual IP address and, using NAT, translate them into your internal IPs.

For example, you have an intranet which you want staff to be able to access from home:

if the internal DNS name is intranet.yourdomainname.com with IP 192.168.70.1,

in external DNS you are pointing it to the same DNS address but to an IP which is in your firewall range (static range from your ISP) and translate it to your 70.1.

humphrey06 (Author) Commented:
Yes. We are doing that. For example, mail.domain.com and autodiscover.domain.com are pointing to the public IP of our network while www.domain.com is pointing to the external site hosting the website. I was under the impression that you were suggesting that I set up a split DNS within our own DNS servers.

Sounds like we are OK then.  Correct?

JAN PAKULA, ICT Infrastructure Manager, Commented:
yes - works perfectly
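
The setup discussed above keeps two hand-maintained views of domain.com: the public zone at the ISP and the same-named zone on the internal DNS servers. The following is an added example, not part of the original thread, that audits two such views for records that have drifted apart. All record data is constructed for illustration; the zone name and the 192.168.70.x range follow the thread's examples, and the public addresses come from documentation ranges.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data (not from the thread): name -> set of A-record addresses.
# EXTERNAL = the public domain.com zone at the ISP; INTERNAL = the same-named
# zone on the internal AD DNS servers.
EXTERNAL = {
    "www.domain.com": {"203.0.113.25"},          # website moved to a new host
    "mail.domain.com": {"198.51.100.5"},
    "autodiscover.domain.com": {"198.51.100.5"},
    "remote.domain.com": {"198.51.100.6"},       # added publicly, never copied inside
    "intranet.domain.com": {"192.168.70.1"},     # private address published by mistake
}
INTERNAL = {
    "www.domain.com": {"203.0.113.10"},          # manual copy, now out of date
    "mail.domain.com": {"192.168.70.20"},
    "autodiscover.domain.com": {"192.168.70.20"},
    "intranet.domain.com": {"192.168.70.1"},
    "dc01.domain.com": {"192.168.70.2"},         # internal-only, as expected
}

def is_rfc1918(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def audit_split_dns(external, internal):
    """Compare the two views of one zone and return names that need attention."""
    findings = {"missing_internally": [], "private_in_public": [], "stale_public_copy": []}
    for name, ext_ips in sorted(external.items()):
        # Public zone should only hold routable addresses (firewall/NAT side).
        if any(is_rfc1918(ip) for ip in ext_ips):
            findings["private_in_public"].append(name)
        int_ips = internal.get(name)
        if int_ips is None:
            # Internal servers are authoritative for the zone, so they answer
            # NXDOMAIN instead of forwarding: inside clients cannot resolve it.
            findings["missing_internally"].append(name)
        elif int_ips != ext_ips and not all(is_rfc1918(ip) for ip in int_ips):
            # Internal record is a hand-copied public address that has drifted.
            findings["stale_public_copy"].append(name)
    return findings

if __name__ == "__main__":
    for category, names in audit_split_dns(EXTERNAL, INTERNAL).items():
        print(f"{category}: {', '.join(names) or 'none'}")
```

Names such as mail.domain.com, which resolve to a public address outside and a private address inside, are the intended split and are not reported.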

humphrey06 (Author) Commented:
Thanks for all your help!

humphrey06 (Author) Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for humphrey06's comment #a39473016

for the following reason:

Very timely and appreciated answering questions.

JAN PAKULA, ICT Infrastructure Manager, Commented:
Thanks for all your help! - but no points???

JAN PAKULA, ICT Infrastructure Manager, Commented:
Hopefully just a clicking mistake :)

humphrey06 (Author) Commented:
It was. I thought it would assign you all of the points automatically! How do I assign the points?

JAN PAKULA, ICT Infrastructure Manager, Commented:
You have to choose the best answer (post) and mark it as accepted.

humphrey06 (Author) Commented:
Thought I did that.   Will try again.