Solved

internal domain name and activesync

Posted on 2014-12-12
4
226 Views
Last Modified: 2014-12-22
I am setting up a new domain to migrate users off a domain I created about seven years ago.  Part of my internal domain name was owned by someone and caused problems when trying to get SSL certs.  So going to start from scratch then use ADMT to move user accounts, etc

1) for the internal domain name I would like some advice.  my public facing domain is '@someplace.com', so I was going to make my internal domain 'internal.someplace.com', with a NetBIOS name of 'SP'.  So my users, when needed to specify the domain they are logging into would put 'SP\username'.  Any advice on this?

2) I want my users to be able to setup their EAS phones with as little input as possible.  I am aware of autodiscover, but not sure it can provide my users with the domain name if needed.  So then I started thinking well maybe I should set my internal NetBIOS name to 'someplace' as well.  

What is the best practice for the internal domain name and NetBIOS name?
What configuration would make it possible for my EAS phone users to simply enter 'username@someplace.com' and have the remaining fields populate with the correct information (essentially the user's domain and mail server 'mail.someplace.com')

hopefully that is all clear and makes sense.... I saw a Microsoft article that said it is recommended to make the domain prefix and domain NetBIOS name the same...
0
Comment
Question by:Zorniac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 82

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 100 total points
ID: 40497712
Subdomain name = Netbios name is still recommended.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 400 total points
ID: 40497796
If you are depending on Autodiscover to make mobile clients easier to use, then you are in for a disappointment. It is very unreliable on mobile devices. Not Microsoft's fault, but a problem with the way that the mobile vendors have implemented Autodiscover on their devices.
Hopefully the purchase of Accompli by Microsoft will make life easier, with a client that works correctly instead of the inconsistent native clients.

The internal domain doesn't really matter. I have a number of sites where the NETBIOS domain is XX and the FQDN is xxxxx.com and it doesn't cause a problem. I like having the short NETBIOS name. Just ensure that you are using a domain that you control.

Furthermore, what I do with new domains now is configure the UPN to match their email address. This confuses a lot of admins who think the UPN is their email address (particularly in the wizards for account creation), but it does make life a lot easier for people.

As for your reason for wanting to create a new domain, that isn't really a problem any longer.
If your domain was example.local then you wouldn't be able to include that in the SSL certificate either. The same resolution for that would work for you.
Change all of the Exchange configuration to use your public domain name, split DNS etc. http://semb.ee/hostnames

Simon.
0
 
LVL 1

Author Comment

by:Zorniac
ID: 40501418
Hi David, thanks for confirming that is still the recommendation.  I am going to make sure they are named the same.

Hi Simon, thank you for the information and advice.  I did a little research on UPN.  I was only aware of this through textbooks, but have never implemented it myself.  From what I read, my users will be able to login using the UPN extension, so long as that is what is specified when the account is created, correct?

In regards to the Autodiscover feature... it actually works 90% for me... the only portion that is not getting filled in correctly is the public DNS name.  Is there a way to manually alter the values returned through Autodiscover?

unfortunately, my domain wasn't named with a .local, I went full tilt and did 'someplace.state.us', this domain belongs to the government apparently.  there is also some other non-functioning parts of the domain, and general infrastructure changes, so this seems like the best time to migrate.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40501628
The Autodiscover information comes from the information you have configured in Exchange. If you have put the wrong URLs for the ActiveSync virtual directories then the wrong information will be returned to the client.

Create a test account and run it through the Microsoft test site at http://exrca.com/ 
That will show you what is being returned to the clients.

Clients can login with the UPN if the correct UPN is set on their account. It doesn't have to be done at the point of account creation.

Simon.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video discusses moving either the default database or any database to a new volume.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question