AD DNS Name Space internal sub domain

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Hello,

We are upgrading from NT4 to 2000 Active Directory.

This is what we have:

About 200 user single site network.

aabbcc - NT4 Netbios Domain Name

aabbcc.com - registered domain
www.aabbcc.com - website
mail.aabbcc.com - mail server

What would be the preferred Active Directory domain naming in this
case?

Internal: aabbcc.com.local
or
Subdomain: aabbcc.aabbcc.com


Thanks,

Andras Kende
http://www.kende.com

 

[Barry]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

andras@kende.com wrote:
> Hello,
>
> We are upgrading from NT4 to 2000 Active Directory.
>
> This is what we have:
>
> About 200 user single site network.
>
> aabbcc - NT4 Netbios Domain Name
>
> aabbcc.com - registered domain
> www.aabbcc.com - website
> mail.aabbcc.com - mail server
>
> What would be the preferred Active Directory domain naming in this
> case?
>
> Internal: aabbcc.com.local
> or
> Subdomain: aabbcc.aabbcc.com
>
>
> Thanks,
>
> Andras Kende
> http://www.kende.com
>

why not aabbcc.com ?

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

I would agree with barry and go for aabbcc.com as well. Your main choice is
going to be between that and aabbcc.local. The main thing to watch out for
when using the same domain name internally and externally is that you have
to create manual records for all external resources on your internal DNS
servers. e.g. mail, www etc.

aabbcc.com.local and aabbcc.aabbcc.com are not a logical choice in this
situation.

<andras@kende.com> wrote in message
news:1118570381.074401.254190@g47g2000cwa.googlegroups.com...
> Hello,
>
> We are upgrading from NT4 to 2000 Active Directory.
>
> This is what we have:
>
> About 200 user single site network.
>
> aabbcc - NT4 Netbios Domain Name
>
> aabbcc.com - registered domain
> www.aabbcc.com - website
> mail.aabbcc.com - mail server
>
> What would be the preferred Active Directory domain naming in this
> case?
>
> Internal: aabbcc.com.local
> or
> Subdomain: aabbcc.aabbcc.com
>
>
> Thanks,
>
> Andras Kende
> http://www.kende.com
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

What I was reading on microsoft and other sites same internal and
external domain is not preferred.
If same domain is used direct Internet exposure of the Active Directory
data would happen...

http://support.microsoft.com/kb/254680/

Best regards,
Andras Kende
http://www.kende.com

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Simon Geary wrote:
> I would agree with barry and go for aabbcc.com as well. Your main choice is
> going to be between that and aabbcc.local. The main thing to watch out for
> when using the same domain name internally and externally is that you have
> to create manual records for all external resources on your internal DNS
> servers. e.g. mail, www etc.
>
> aabbcc.com.local and aabbcc.aabbcc.com are not a logical choice in this
> situation.
>
> <andras@kende.com> wrote in message
> news:1118570381.074401.254190@g47g2000cwa.googlegroups.com...
>
>>Hello,
>>
>>We are upgrading from NT4 to 2000 Active Directory.
>>
>>This is what we have:
>>
>>About 200 user single site network.
>>
>>aabbcc - NT4 Netbios Domain Name
>>
>>aabbcc.com - registered domain
>>www.aabbcc.com - website
>>mail.aabbcc.com - mail server
>>
>>What would be the preferred Active Directory domain naming in this
>>case?
>>
>>Internal: aabbcc.com.local
>>or
>>Subdomain: aabbcc.aabbcc.com
>>
>>
>>Thanks,
>>
>>Andras Kende
>>http://www.kende.com

Agreed. If you can get a complete list of the DNS entries in your
current public DNS you should replicate all the external resources in
the internal DNS. The one thing I have had troubles with are when the
website uses the root domain for links instead of www.domain.com.

--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

AD records would not be exposed in practice as when using the 'split-brain'
DNS configuration you have both internal and external DNS servers. Your
external servers live in the DMZ and host only external records. Internal
DNS lives inside the firewall and host all internal and external records.
The internal DNS is what your PCs and servers use. Exposing SRV records
would only be a problem if you used a publicly available DNS server to host
them.

As to which naming choice is preferred, this really depends on who you talk
to. Even Microsoft seem to be changing their minds over this as the original
advice was always to use different namespaces but I think now most people
would opt for using the same name internally and externally. Both options
will work and there is no right or wrong answer, but I would tend to favour
using the same name just to keep things simple.

<andras@kende.com> wrote in message
news:1118647777.093258.178340@g43g2000cwa.googlegroups.com...
> What I was reading on microsoft and other sites same internal and
> external domain is not preferred.
> If same domain is used direct Internet exposure of the Active Directory
> data would happen...
>
> http://support.microsoft.com/kb/254680/
>
> Best regards,
> Andras Kende
> http://www.kende.com
>