Announcement

Collapse
No announcement yet.

AD Naming convention

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Naming convention

    Hello,

    We just lost our system administrator who was in the process of migrating 80 workstations to Windows 2003 Active directory. I have now had the task dropped on my plate. I was just curious as to the naming convention within AD. We have a corporate website (i.e. www.company.ca). I was going to create the DNS name as "company.ca" to use in AD, but it looks like he defined it as "company.Int". I was reading through a bunch of material and you always see it as company.com or .ca. I was wondering naming it with the .Int extension would this or could this cause any issues down the road?

    ZT

  • #2
    Re: AD Naming convention

    You can use a public DNS name (company.com) but the MS recommendation is something that will not appear on the internet (e.g. company.corp or company.local)

    This normally starts a violent discussion about the merits / demerits of each solution...
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: AD Naming convention

      You could use the same name (Which I am assuming you have registered) and use a configuration called Split brain Dns or keep it simple and use different names but again it is best practice you register that as well to make it glabally unique.

      @Ossian
      Trying my best here to stay neutral..
      Caesar's cipher - 3

      ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

      SFX JNRS FC U6 MNGR

      Comment


      • #4
        Re: AD Naming convention

        So, basically I could use the "company.Int" that has already been defined when he configured AD. Just a matter if I want to register that as well to make it unique.

        ZT

        Comment


        • #5
          Re: AD Naming convention

          You cannot register a .int domain -- it is not an acceptable TLD (Top Level Domain) which is why it is used internally with AD

          Oops -- damn you, -- it appears .int is a real TLD for inter-governmental organisations.
          http://www.iana.org/domains/int/
          Last edited by Ossian; 15th September 2009, 14:36. Reason: update info
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: AD Naming convention

            OK, then I should be good to go. Still scratching me head why he selected this extension seeing that we are not a gov't organization. More than likely didn't check and thought it was short for internal.

            So, in theory if needed I should be able to register this if needed down the road. Right now we are a very small company that needs to invest a little $$ to get our technology up to where it should be.

            ZT

            Comment


            • #7
              Re: AD Naming convention

              Chances are you wouldn't be able to register .int even if you wanted to. Here's a lsit of TLD's courtesy of Wikipedia:

              http://en.wikipedia.org/wiki/List_of...-level_domains

              Comment


              • #8
                Re: AD Naming convention

                Usually internal FQDNs end with .local, .int, but could be .whatever you want. It's more to be standardized than anything. It's usually best to keep your internal (forest) initial domain name separate from your external domain name.

                So something like company.com is the website but company.local is the internal fqdn.
                GoogleFu is strong with this one ^

                Comment


                • #9
                  Re: AD Naming convention

                  Just to throw in a reminder that some OSes use .local by default and there are therefore some people who advise against using that TLD for your AD domain, in case you want to use those OSes on the network at a later date.

                  Originally posted by Ossian View Post
                  This normally starts a violent discussion about the merits / demerits of each solution...
                  Rabble Rabble Rabble!
                  Gareth Howells

                  BSc (Hons), MBCS, MCP, MCDST, ICCE

                  Any advice is given in good faith and without warranty.

                  Please give reputation points if somebody has helped you.

                  "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

                  "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

                  Comment


                  • #10
                    Re: AD Naming convention

                    .Int is a sTLD and can be registered but obviously you don't qualify!
                    It is good practice IMO to register both internal and external domain names if using two different namespaces to allow for any future changes. Who's to say that a unique name today is gonna stay like that for long. Now, it's not a big deal and the impact is not going to be catastrophic and can be overcome but is better to prevent.
                    Also (Highly unlikely but still probable) if the company/organisation merges then it may affect creation of domain trusts.

                    Here is a link regarding DNS namespace planning: http://support.microsoft.com/kb/254680
                    Last edited by L4ndy; 16th September 2009, 15:24. Reason: got rid of the sentence: "especially with the everchanging standartisation attempts"
                    Caesar's cipher - 3

                    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                    SFX JNRS FC U6 MNGR

                    Comment


                    • #11
                      Re: AD Naming convention

                      err..... how can you register something like company.corp when corp is not a valid TLD?
                      Tom Jones
                      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                      PhD, MSc, FIAP, MIITT
                      IT Trainer / Consultant
                      Ossian Ltd
                      Scotland

                      ** Remember to give credit where credit is due and leave reputation points where appropriate **

                      Comment


                      • #12
                        Re: AD Naming convention

                        Originally posted by Ossian View Post
                        err..... how can you register something like company.corp when corp is not a valid TLD?
                        Good point! I actually had in mind valid TLD when I said that but then somehow merged it with another line of thought.
                        If I may edit my previous post so it makes sense.

                        Ta
                        Last edited by L4ndy; 16th September 2009, 15:24.
                        Caesar's cipher - 3

                        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                        SFX JNRS FC U6 MNGR

                        Comment


                        • #13
                          Re: AD Naming convention

                          It's possible that .corp may become a valid TLD at some point. Just like .biz and .info weren't initially TLD's.
                          GoogleFu is strong with this one ^

                          Comment


                          • #14
                            Re: AD Naming convention

                            Originally posted by stamandster View Post
                            It's possible that .corp may become a valid TLD at some point. Just like .biz and .info weren't initially TLD's.
                            Ouch! that will cause major problems

                            Perhaps we need a set of "reserved" TLDs (similar to the 192.168.x.x network) available for non-internet use
                            Tom Jones
                            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                            PhD, MSc, FIAP, MIITT
                            IT Trainer / Consultant
                            Ossian Ltd
                            Scotland

                            ** Remember to give credit where credit is due and leave reputation points where appropriate **

                            Comment


                            • #15
                              Re: AD Naming convention

                              Let's see something like

                              .company
                              .internal (not too bad as there's not a limited in char size that I know of)
                              .corporation
                              .soleproprietorship
                              .partnership
                              .limitedpartnership
                              .limitedliabilitycompany
                              .cooperative

                              haha
                              GoogleFu is strong with this one ^

                              Comment

                              Working...
                              X