Setting up my new Windows Server 2012 r2 with a registered domain name and subdomain for AD.

Hey guys, I have a new 2012 r2 server.  I am wondering the right way to setup the domains and in what order.  I just purchased {ex. nct.net}, do I setup my server with this domain then create a subdomain for Active Directory.  The reason for this is because I know that I cannot add my .local domain name to a certificate.  Can you guys also provide step by step instruction if possible.  Thanks
PowerC280Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
DrDave242Connect With a Mentor Commented:
Also internal domain should really be .local
This can work, especially if nothing within the AD domain will require a public presence, but using .local or another non-public suffix is no longer considered a best practice. This is due in part to the SSL certificate issue and the general trend toward cloud integration. Using a three-label internal domain name based on your public domain name (like internal.procom.net) is the best option in the long run.

Note that there's no requirement to integrate your public and private domains, even if the name of the latter is based on the former; they're still separate namespaces.
0
 
rick81Commented:
The domain u create for AD is a local domain name for the network, it's not related to your web/email domain. Call the AD domain whatever u like.

For the email or web domain you would usually set this in exchange or IIS depending what you are using it for. Then you can create your Ssl certificate based on that.
0
 
rick81Commented:
You would add your sub domain to IIS or exchange also. And then you can setup both for a certificate or multiple certificates.
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
PowerC280Author Commented:
Right now I set my domain up as:

AD-procom.net or do I have to set my domain up as:  AD.procom.net

The domain I purchased is called: procom.net


What is best practices...ad.procom.net (AD DS) as internal and procom.net as external if I want to use for a website, email or something
0
 
rick81Connect With a Mentor Commented:
the AD domain is just a local domain name, like a workgroup.  It is just so you internal network can communicate, it has nothing to do with your email/web domain. (external)  you can call you local domain (AD) whatever you like.  ie Procom  (dont put .net or .com)  windows will add a .local extension to it anyway.

the domain name you purchased procom.net is your external domain (what is seen on the internet) you can have multiple of these.

so you could call you AD domain procom
and your external domain as you said is procom.net

it might even be a better option to call the domain somehting completely different so there is no confusion or config issues down the track.  you could call it your business name or your name or anything.
0
 
PowerC280Author Commented:
what I did was I made my internal (internal.procom.net) would that be ok because I was reading and it says try to stay away from .local.  I am setting up DHCP and it asks me for my parent domain...do I leave it the default which is: internal.procom.net or do I change it.
0
 
rick81Commented:
Leave as the default. That is your parent domain.
0
 
rick81Connect With a Mentor Commented:
Also internal domain should really be .local
You don't need to put the extension on just call it procom

Here is a step by step guide to setup https://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-a-windows-server-2012-domain-controller.aspx
0
 
PowerC280Author Commented:
Is there an easy way to change the domain name without demoting and starting all over?
0
 
rick81Commented:
no real way to change the domain name without demoting, etc. this is the best way to do it.

if you have already setup the domain, etc just leave as is.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.