Is it OK to use a .com for your internal domain name?

I was always taught that you never put a .com on your Domain name. I have always used .local. In the last few years we had a 2008 SBS that had issues with certificates. One of my colleagues wants to make our new domain a .com on the internal and external domain so he doesn't have problems with the SSL certificates that he is going to get from Godaddy. I want to use .local on the internal and .com on the external basically because I think it is safer. We will use Exchange 2010 on our network. It has a lot of auto discovery and other junk that he says will be easier to deal with having a .com on both. What says the public?
Hypercat (Deb) commented:
I agree with your colleague. There is nothing unusual about this, except that for many years Microsoft had pretty much dictated to SBS users that they have to use a .local domain name.  It's easier for people who don't really understand DNS, and that's why Microsoft did it that way for SBS.  However, it's a common practice, called split DNS, to have your internal and external domain names match (.com, .edu or whatever). In the "olden" days (yes, I am that old!), you'd have to do some special DNS configuration because initially DNS would try to make your server a root server. It doesn't do that anymore, so there aren't any major issues that come up with split DNS.

Exchange 2010 works very well with split DNS.  It requires a SAN (Godaddy calls it UCC) certificate because you have to have multiple names on a single certificate.  Exchange 2010 makes the certificate requesting procedure very smooth with a setup wizard, and for the most part it works very well.  

Forge ahead!
Some say you should use the same internal name as your public name.
Others say you should use a dedicated internal name.

You should NOT use .local.
Use .lan or .(other word).
Macs think .local means local machine, not local network.

Hypercat (Deb) commented:
BTW, just to clarify, in terms of your safety comment, just because you use the same domain name internally and externally does not mean that your internal DNS server is exposed to the Internet.  You would still set up an external DNS zone using the same domain name and use it to resolve your external host names. Thus the term "split DNS."
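
Added example, not part of the thread or any participant's post: a small Python model of the split DNS arrangement and the multi-name (SAN) certificate discussed above, showing the same name resolving differently per view and listing published names the certificate does not cover. The domain example.com, the host names, the addresses, the 10.0.0.0/8 internal range and selecting the view by client address are all constructed assumptions.

```python
import ipaddress

# Constructed sample data: example.com stands in for the real domain.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range
ZONES = {
    # Two copies of the same zone, one per side of the firewall.
    "internal": {"mail.example.com": "10.0.0.25",
                 "autodiscover.example.com": "10.0.0.25",
                 "exch01.example.com": "10.0.0.25"},
    "external": {"mail.example.com": "203.0.113.25",
                 "autodiscover.example.com": "203.0.113.25"},
}
SAN_ENTRIES = ["mail.example.com", "autodiscover.example.com"]


def view_for(client_ip):
    """Pick the zone copy a client is served from (assumption: by source address)."""
    inside = ipaddress.ip_address(client_ip) in INTERNAL_NET
    return "internal" if inside else "external"


def resolve(name, client_ip):
    """Answer from the client's view only; internal-only hosts stay hidden outside."""
    return ZONES[view_for(client_ip)].get(name.lower().rstrip("."))


def san_matches(san, host):
    """Exact match, or a wildcard that covers exactly one leftmost label."""
    san, host = san.lower(), host.lower().rstrip(".")
    if san.startswith("*."):
        head, _, rest = host.partition(".")
        return bool(head) and rest == san[2:]
    return san == host


def uncovered_names(zones, sans):
    """Names published in any view that no SAN entry on the certificate covers."""
    names = {n for records in zones.values() for n in records}
    return sorted(n for n in names if not any(san_matches(s, n) for s in sans))


if __name__ == "__main__":
    for ip in ("10.1.2.3", "198.51.100.7"):
        print(ip, view_for(ip), resolve("mail.example.com", ip))
    print("not covered by certificate:", uncovered_names(ZONES, SAN_ENTRIES))
```

Running it flags the internal-only server name as missing from the certificate, which is the kind of gap that produces certificate warnings for internal clients.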