QuazzieM
asked on
New AD DS Forest Questions.. Need help badly
Hey everyone,
I'm having a bit of a conundrum about the new forest domain name and what possible implications it can have if I chose the wrong name convention...
Current Setup
The current issue is that the company I work for was bought out by another company and atm, where using a 2-way forest trust.
The company also has another site in Africa which is using a different forest domain but doesn't have any forest trust to either of the other 2 domains.
The current forest domains are:-
1. Company1.local (my old company)
2. Company2.com.au (main company)
3. internal.company2direct.co
To make it worse, all three sites have their own Exchange environment and there's all types of file share/application authentication issues between sites.
Therefore, the company has decided that they want to get rid of all the exchange environments/file shares and so forth and move everything to Office365, including SharePoint and Lync
New Solution
They have also decided that they want a new forest with a single domain and that the locations and security will be delegated by using different OU structures/GPO's as it's all going to administered by 2 people at the main company site. This is non-negotiable as they don't want sub/child domains or different forests, just a single entity.
They're using a third party to do the Office365 design and implementation. However I have been assigned to setup the new initial ADDS server for the new forest.
After some reading I've found that we really shouldn't be using '.local' or '.internal' for the forest root domain. I suggested that we use 'internal.thecompanynameth
They want me use the following for the forest root domain 'au.cnf' with a NetBIOS of 'CNF'
Is that really such a good idea or is there any situation whereby using 'au.cnf' as the prefix.suffix could cause any issues?
I would of like to use 'internal.cnf.com.au' however the domain name 'cnf.com.au' is already registered by another company..
Once the new forest is created, I'll be setting it up with the ADFS to Office365 and create 2way forest trusts from the new forest the 3 old ones and start migrating users to the new forest domain.
Thanks in advance for you help
I'm having a bit of a conundrum about the new forest domain name and what possible implications it can have if I chose the wrong name convention...
Current Setup
The current issue is that the company I work for was bought out by another company and atm, where using a 2-way forest trust.
The company also has another site in Africa which is using a different forest domain but doesn't have any forest trust to either of the other 2 domains.
The current forest domains are:-
1. Company1.local (my old company)
2. Company2.com.au (main company)
3. internal.company2direct.co
To make it worse, all three sites have their own Exchange environment and there's all types of file share/application authentication issues between sites.
Therefore, the company has decided that they want to get rid of all the exchange environments/file shares and so forth and move everything to Office365, including SharePoint and Lync
New Solution
They have also decided that they want a new forest with a single domain and that the locations and security will be delegated by using different OU structures/GPO's as it's all going to administered by 2 people at the main company site. This is non-negotiable as they don't want sub/child domains or different forests, just a single entity.
They're using a third party to do the Office365 design and implementation. However I have been assigned to setup the new initial ADDS server for the new forest.
After some reading I've found that we really shouldn't be using '.local' or '.internal' for the forest root domain. I suggested that we use 'internal.thecompanynameth
They want me use the following for the forest root domain 'au.cnf' with a NetBIOS of 'CNF'
Is that really such a good idea or is there any situation whereby using 'au.cnf' as the prefix.suffix could cause any issues?
I would of like to use 'internal.cnf.com.au' however the domain name 'cnf.com.au' is already registered by another company..
Once the new forest is created, I'll be setting it up with the ADFS to Office365 and create 2way forest trusts from the new forest the 3 old ones and start migrating users to the new forest domain.
Thanks in advance for you help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Would using a shorter UPN sort this issue out?? Sorry I'm dont know enough about UPN's and what they bring to the AD DS side of things
ASKER
I'm more leaning towards using the 'longcompanydomaindname.co
As were moving to more Azure cloud services like Office365/Sharepoint/Lync and I can only see us starting to utilise more IaaS sooner rather then later.
My only concern is that by using such a long winded forest root domain of 'internal.longscompanydoma
For example, if they needed to type.. 'https://intranet.longcompanydomainname.com.au' for a sharepoint site in Office365 or if the app requires them to use username@longcompanydomain
Is there something that can be configured in AD/DNS that could create some sort of shortened verisons for these types of situations?