[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Setting up my new Windows Server 2012 r2 with a registered domain name and subdomain for AD.

Posted on 2014-03-15
10
Medium Priority
?
2,004 Views
Last Modified: 2014-03-19
Hey guys, I have a new 2012 r2 server.  I am wondering the right way to setup the domains and in what order.  I just purchased {ex. nct.net}, do I setup my server with this domain then create a subdomain for Active Directory.  The reason for this is because I know that I cannot add my .local domain name to a certificate.  Can you guys also provide step by step instruction if possible.  Thanks
0
Comment
Question by:PowerC280
  • 6
  • 3
10 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39931220
The domain u create for AD is a local domain name for the network, it's not related to your web/email domain. Call the AD domain whatever u like.

For the email or web domain you would usually set this in exchange or IIS depending what you are using it for. Then you can create your Ssl certificate based on that.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39931223
You would add your sub domain to IIS or exchange also. And then you can setup both for a certificate or multiple certificates.
0
 

Author Comment

by:PowerC280
ID: 39931845
Right now I set my domain up as:

AD-procom.net or do I have to set my domain up as:  AD.procom.net

The domain I purchased is called: procom.net


What is best practices...ad.procom.net (AD DS) as internal and procom.net as external if I want to use for a website, email or something
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 6

Assisted Solution

by:rick81
rick81 earned 1500 total points
ID: 39932042
the AD domain is just a local domain name, like a workgroup.  It is just so you internal network can communicate, it has nothing to do with your email/web domain. (external)  you can call you local domain (AD) whatever you like.  ie Procom  (dont put .net or .com)  windows will add a .local extension to it anyway.

the domain name you purchased procom.net is your external domain (what is seen on the internet) you can have multiple of these.

so you could call you AD domain procom
and your external domain as you said is procom.net

it might even be a better option to call the domain somehting completely different so there is no confusion or config issues down the track.  you could call it your business name or your name or anything.
0
 

Author Comment

by:PowerC280
ID: 39932141
what I did was I made my internal (internal.procom.net) would that be ok because I was reading and it says try to stay away from .local.  I am setting up DHCP and it asks me for my parent domain...do I leave it the default which is: internal.procom.net or do I change it.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39932180
Leave as the default. That is your parent domain.
0
 
LVL 6

Assisted Solution

by:rick81
rick81 earned 1500 total points
ID: 39932181
Also internal domain should really be .local
You don't need to put the extension on just call it procom

Here is a step by step guide to setup https://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-a-windows-server-2012-domain-controller.aspx
0
 

Author Comment

by:PowerC280
ID: 39932469
Is there an easy way to change the domain name without demoting and starting all over?
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 500 total points
ID: 39933164
Also internal domain should really be .local
This can work, especially if nothing within the AD domain will require a public presence, but using .local or another non-public suffix is no longer considered a best practice. This is due in part to the SSL certificate issue and the general trend toward cloud integration. Using a three-label internal domain name based on your public domain name (like internal.procom.net) is the best option in the long run.

Note that there's no requirement to integrate your public and private domains, even if the name of the latter is based on the former; they're still separate namespaces.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39933219
no real way to change the domain name without demoting, etc. this is the best way to do it.

if you have already setup the domain, etc just leave as is.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question