Solved

Setting up my new Windows Server 2012 r2 with a registered domain name and subdomain for AD.

Posted on 2014-03-15
10
1,781 Views
Last Modified: 2014-03-19
Hey guys, I have a new 2012 r2 server.  I am wondering the right way to setup the domains and in what order.  I just purchased {ex. nct.net}, do I setup my server with this domain then create a subdomain for Active Directory.  The reason for this is because I know that I cannot add my .local domain name to a certificate.  Can you guys also provide step by step instruction if possible.  Thanks
0
Comment
Question by:PowerC280
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 
LVL 6

Expert Comment

by:rick81
ID: 39931220
The domain u create for AD is a local domain name for the network, it's not related to your web/email domain. Call the AD domain whatever u like.

For the email or web domain you would usually set this in exchange or IIS depending what you are using it for. Then you can create your Ssl certificate based on that.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39931223
You would add your sub domain to IIS or exchange also. And then you can setup both for a certificate or multiple certificates.
0
 

Author Comment

by:PowerC280
ID: 39931845
Right now I set my domain up as:

AD-procom.net or do I have to set my domain up as:  AD.procom.net

The domain I purchased is called: procom.net


What is best practices...ad.procom.net (AD DS) as internal and procom.net as external if I want to use for a website, email or something
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 6

Assisted Solution

by:rick81
rick81 earned 375 total points
ID: 39932042
the AD domain is just a local domain name, like a workgroup.  It is just so you internal network can communicate, it has nothing to do with your email/web domain. (external)  you can call you local domain (AD) whatever you like.  ie Procom  (dont put .net or .com)  windows will add a .local extension to it anyway.

the domain name you purchased procom.net is your external domain (what is seen on the internet) you can have multiple of these.

so you could call you AD domain procom
and your external domain as you said is procom.net

it might even be a better option to call the domain somehting completely different so there is no confusion or config issues down the track.  you could call it your business name or your name or anything.
0
 

Author Comment

by:PowerC280
ID: 39932141
what I did was I made my internal (internal.procom.net) would that be ok because I was reading and it says try to stay away from .local.  I am setting up DHCP and it asks me for my parent domain...do I leave it the default which is: internal.procom.net or do I change it.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39932180
Leave as the default. That is your parent domain.
0
 
LVL 6

Assisted Solution

by:rick81
rick81 earned 375 total points
ID: 39932181
Also internal domain should really be .local
You don't need to put the extension on just call it procom

Here is a step by step guide to setup https://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-a-windows-server-2012-domain-controller.aspx
0
 

Author Comment

by:PowerC280
ID: 39932469
Is there an easy way to change the domain name without demoting and starting all over?
0
 
LVL 26

Accepted Solution

by:
DrDave242 earned 125 total points
ID: 39933164
Also internal domain should really be .local
This can work, especially if nothing within the AD domain will require a public presence, but using .local or another non-public suffix is no longer considered a best practice. This is due in part to the SSL certificate issue and the general trend toward cloud integration. Using a three-label internal domain name based on your public domain name (like internal.procom.net) is the best option in the long run.

Note that there's no requirement to integrate your public and private domains, even if the name of the latter is based on the former; they're still separate namespaces.
0
 
LVL 6

Expert Comment

by:rick81
ID: 39933219
no real way to change the domain name without demoting, etc. this is the best way to do it.

if you have already setup the domain, etc just leave as is.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question