Solved

Is it ok to use a .com for your internal Domain Name.

Posted on 2014-02-07
3
1,068 Views
Last Modified: 2014-02-07
I was always taught that you never put a .com on your Domain name. I have always used .local. In the last few years we had a 2008 SBS that had issues with certificates. One of my colleagues wants to make our new domain a .com on the internal and external domain so he doesn't have problems with the SSL certificates that he is going to get from Godaddy. I want to use .local on the internal and .com on the external basically because I think it is safer. We will use Exchange 2010 on our network. It has a lot of auto discovery and other junk that he says will be easier to deal with having a .com on both. What says the public?
0
Comment
Question by:aando
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 39843216
I agree with your colleague. There is nothing unusual about this, except that for many years Microsoft had pretty much dictated to SBS users that they have to use a .local domain name.  It's easier for people who don't really understand DNS, and that's why Microsoft did it that way for SBS.  However, it's a common practice, called split DNS, to have your internal and external domain names match (.com, .edu or whatever). In the "olden" days (yes, I am that old!), you'd have to do some special DNS configuration because initially DNS would try to make your server a root server. It doesn't do that anymore, so there aren't any major issues that come up with split DNS.

Exchange 2010 works very well with split DNS.  It requires a SAN (Godaddy calls it UCC) certificate because you have to have multiple names on a single certificate.  Exchange 2010 makes the certificate requesting procedure very smooth with a setup wizard, and for the most part it works very well.  

Forge ahead!
0
 
LVL 34

Expert Comment

by:Michael-Best
ID: 39843222
Some say you should use the same internal name as your public name.
Others say you should use a dedicated internal name.

You should NOT use .local.
Use .lan or .(other word).
Mac's think .local means local machine, not local network.

More on this subject:
http://forums.untangle.com/off-topic/32205-what-should-internal-domain-name.html
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 39843224
BTW, just to clarify, in terms of your safety comment, just because you use the same domain name internally and externally does not mean that your internal DNS server is exposed to the Internet.  You would still set up an external DNS zone using the same domain name and use it to resolve your external host names. Thus the term "split DNS."
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now