I am curious as to what people are using as their internal active directory/dns domain name when you already have a registered Internet domain name(eg. company.com)? I have read in Microsoft's documentation that states not to use the same domain name internally for active directory as what you have published out to the Internet because of possible conflicts. They recommend using a private unregisterd domain name (company-internal.com) or a sub-domain such as internal.company.com. What are you using? I seem to prefer the sub-domain for some reason. Do you see any limitations with either?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Active Directory/DNS Naming Convention
- Thread starter slewe
- Start date
Maybe I can help and get helped as well. I read the same thing, and so I named my domain accounting.abc.com (because we already had our company registered on the internet as abc.com). When I finished with migration to AD, I couldn't add any new W2K DC's to my domain. I thought it was because it asks for the domain name, and when I put in the new domain name it would return an error. I went through a lot to try to rename the domain based on M$ article Q292541, but was not able to change the domain name still. However, just yesterday, I tried to add a new W2K server as a DC, and it allowed me to (I cancelled it b/c I may still try to rename the domain), so something must be working. I am wondering now if I should even bother renaming the domain or just keep it accounting.abc.com like M$ suggests...
CharlieJax
MIS
I use XYZ.internal for the internal domain and all of our external traffic goes through a proxy server so I don't have to worry about forwarders in the DNS.
Most of the books I have read show people using .internal names. If your system is seperated from the web (via proxy or firewall, etc) then there is no need to worry about keeping the same DNS name as your external site.
CJ
- Jr. Rocket Man
Most of the books I have read show people using .internal names. If your system is seperated from the web (via proxy or firewall, etc) then there is no need to worry about keeping the same DNS name as your external site.
CJ
- Jr. Rocket Man
Actually, some the computers are showing domains of "COMPANY", and some of the machines that I have changed the name are now showing a domain of "accounting.compay.com". No big deal, but when I try to add local users onto that second group of computers, it tells me that "specified domain either does not exist or could not be contacted" and "Object picker cannot open because no locations from which to choose objects could be found", so something is off somewhere
- Thread starter
- #5
Using corporate.company.com internally and everything seems to be working fine so far. I was able to add W2k servers into AD(active directory) as domain controllers. The rest of my W2k servers seem to recognize AD once I modified their DNS domain under network properties and changed it to corporate.company.com and reboot. They registered into dynamic DNS which is running on one of the DC's. When I initially pointed my internal clients for DNS to the internal DC, I could not get out to the Internet. Removing the root forwarder zone fixed that problem. I also had issues with my W2k DHCP server service not starting after install AD on that server. I removed DHCP service, readded service, and recreated scopes as a work around. When I recreated the scope, I made sure my domain name was corporate.company.com. I also had DNS domain names from workstations showing up as COMANY. They had hard coded DNS domain names under their network setting. Changing them to use DHCP got them on track.
- Status
Similar threads
- Locked
- Question