Announcement

Collapse
No announcement yet.

Domain name

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Domain name

    Hi, im reading docs about setting AD DC for windows server - i want to clear out whats the difference between using a real registered domain name like 3trglobal.com for my Domain controller or using my local domain that i just made up, mostly on the tutorials i see on there sample they used local domain like 3trglobal.loca ot etc.
    Can anyone explain further about this..

  • #2
    Re: Domain name

    And anyone can suggest a simple deployment of AD DC on my 30 client PC network. what would be my best setup. willing to give datials if ask.
    Thanks all

    Comment


    • #3
      Re: Domain name

      Originally posted by ruben23 View Post
      Hi, im reading docs about setting AD DC for windows server - i want to clear out whats the difference between using a real registered domain name like 3trglobal.com for my Domain controller or using my local domain that i just made up, mostly on the tutorials i see on there sample they used local domain like 3trglobal.loca ot etc.
      Can anyone explain further about this..
      just google a bit on "split DNS" and you'll get a wealth of info

      bio...

      Comment


      • #4
        Re: Domain name

        IMHO (and supported IIRC by Microsoft) do not use your internet domain name internally unless you are willing to spend a lot of time fiddling with DNS

        If you have mydomain.com for the outside world, use mydomain.local (or maybe mydomain.corp) for your internal name

        For deployment, it depends on what you already have as servers, but for 30 clients, I would very strongly recommend Small Business Server as it gives you Exchange as part of the package and also includes a plethora (yes, I said plethora ) of wizards to do most admin tasks
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Domain name

          When you promote the server to a DC, it will give you the option to install DNS as well. It makes it more convenient. You just need to install the DNS files from Add/Remove Windows Components before doing so.

          Comment


          • #6
            Re: Domain name

            Originally posted by ruben23 View Post
            Hi, im reading docs about setting AD DC for windows server - i want to clear out whats the difference between using a real registered domain name like 3trglobal.com for my Domain controller or using my local domain that i just made up, mostly on the tutorials i see on there sample they used local domain like 3trglobal.loca ot etc.
            Can anyone explain further about this..
            Do not use root domains on your local LAN. IE .com or .co.uk. This presents issues when you have A records in PUBLIC DNS that use the same namespace. You then have to create manual A records. For example if you call your domain example.com. But you have a website which also uses the name example.com that is external to your network ( ie on the Internet) then your DNS will see itself as authoritative for that name space and wont make a query anywhere else in order to retrieve that website/A record. In order to circumvent this you then need to create a manual A record pointing to the IP address of example.com. in your local DNS.

            Its always a best practice to ensure you use domain names such as .local or .internal so they dont conflict with external DNS.
            Last edited by scurlaruntings; 29th May 2009, 18:45.

            Comment


            • #7
              Re: Domain name

              Originally posted by Virtual View Post
              When you promote the server to a DC, it will give you the option to install DNS as well. It makes it more convenient. You just need to install the DNS files from Add/Remove Windows Components before doing so.
              Good advice. This is always my course of action when building a DC. This ensures you have a redundant topology and faster name resolution locally.

              Comment


              • #8
                Re: Domain name

                I agree with everyone else on the point of DNS. Don't use any gTLD like .com, use something that's valid only internally like .local or .whatever. Install DNS as part of the dcpromo operation. Configure the DNS zones to be AD integrated and make sure you set up a reverse lookup zone (it's not required but I consider it a best practice). I would recommend that you set up the DC to be a DHCP server as well and make sure to set up a DHCP scope for your subnet with the appropriate options, such as DNS servers and router.

                Comment


                • #9
                  Re: Domain name

                  Agreed... Microsoft do have some KB articles if you have a look. These articles state:

                  "The preferred method of creating a namespace is to create an internal namespace that is different from the external namespace. This creates a barrier between your internal resources and the Internet. For example:

                  Internal domain: IDEALLAB.INTERNAL
                  External domain: IDEALLAB.COM"

                  There is also a good article which details the issues that you might face if you ignore this advice: http://support.microsoft.com/kb/300684/

                  Rob.
                  Rob.
                  ----
                  There are 10 types of people in the world: Those who understand binary, and those who don't...

                  Comment


                  • #10
                    Re: Domain name

                    Sh0ckw4ve, shouldn't your signature be "there are 2 types of people in the world..." since binary is a base 2 number system?

                    Comment


                    • #11
                      Re: Domain name

                      Originally posted by joeqwerty View Post
                      Sh0ckw4ve, shouldn't your signature be "there are 2 types of people in the world..." since binary is a base 2 number system?
                      Thanks Joe, I'll bear that in mind!
                      Rob.
                      ----
                      There are 10 types of people in the world: Those who understand binary, and those who don't...

                      Comment

                      Working...
                      X