Solved

internal domain name and activesync

Posted on 2014-12-12
4
222 Views
Last Modified: 2014-12-22
I am setting up a new domain to migrate users off a domain I created about seven years ago.  Part of my internal domain name was owned by someone and caused problems when trying to get SSL certs.  So going to start from scratch then use ADMT to move user accounts, etc

1) for the internal domain name I would like some advice.  my public facing domain is '@someplace.com', so I was going to make my internal domain 'internal.someplace.com', with a NetBIOS name of 'SP'.  So my users, when needed to specify the domain they are logging into would put 'SP\username'.  Any advice on this?

2) I want my users to be able to setup their EAS phones with as little input as possible.  I am aware of autodiscover, but not sure it can provide my users with the domain name if needed.  So then I started thinking well maybe I should set my internal NetBIOS name to 'someplace' as well.  

What is the best practice for the internal domain name and NetBIOS name?
What configuration would make it possible for my EAS phone users to simply enter 'username@someplace.com' and have the remaining fields populate with the correct information (essentially the user's domain and mail server 'mail.someplace.com')

hopefully that is all clear and makes sense.... I saw a Microsoft article that said it is recommended to make the domain prefix and domain NetBIOS name the same...
0
Comment
Question by:Zorniac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 81

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 100 total points
ID: 40497712
Subdomain name = Netbios name is still recommended.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 400 total points
ID: 40497796
If you are depending on Autodiscover to make mobile clients easier to use, then you are in for a disappointment. It is very unreliable on mobile devices. Not Microsoft's fault, but a problem with the way that the mobile vendors have implemented Autodiscover on their devices.
Hopefully the purchase of Accompli by Microsoft will make life easier, with a client that works correctly instead of the inconsistent native clients.

The internal domain doesn't really matter. I have a number of sites where the NETBIOS domain is XX and the FQDN is xxxxx.com and it doesn't cause a problem. I like having the short NETBIOS name. Just ensure that you are using a domain that you control.

Furthermore, what I do with new domains now is configure the UPN to match their email address. This confuses a lot of admins who think the UPN is their email address (particularly in the wizards for account creation), but it does make life a lot easier for people.

As for your reason for wanting to create a new domain, that isn't really a problem any longer.
If your domain was example.local then you wouldn't be able to include that in the SSL certificate either. The same resolution for that would work for you.
Change all of the Exchange configuration to use your public domain name, split DNS etc. http://semb.ee/hostnames

Simon.
0
 
LVL 1

Author Comment

by:Zorniac
ID: 40501418
Hi David, thanks for confirming that is still the recommendation.  I am going to make sure they are named the same.

Hi Simon, thank you for the information and advice.  I did a little research on UPN.  I was only aware of this through textbooks, but have never implemented it myself.  From what I read, my users will be able to login using the UPN extension, so long as that is what is specified when the account is created, correct?

In regards to the Autodiscover feature... it actually works 90% for me... the only portion that is not getting filled in correctly is the public DNS name.  Is there a way to manually alter the values returned through Autodiscover?

unfortunately, my domain wasn't named with a .local, I went full tilt and did 'someplace.state.us', this domain belongs to the government apparently.  there is also some other non-functioning parts of the domain, and general infrastructure changes, so this seems like the best time to migrate.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40501628
The Autodiscover information comes from the information you have configured in Exchange. If you have put the wrong URLs for the ActiveSync virtual directories then the wrong information will be returned to the client.

Create a test account and run it through the Microsoft test site at http://exrca.com/ 
That will show you what is being returned to the clients.

Clients can login with the UPN if the correct UPN is set on their account. It doesn't have to be done at the point of account creation.

Simon.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question