DNS & AD namespace planning


derf238

IS-IT--Management
Feb 13, 2004
US
New company setup. companydomain.com is registered. A local ISP is hosting the web page and email under companydomain.com. Nslookup for the domain responds as non-authoritative with the hosting ISP's IP.
The company has ordered Internet access from a different, tier 2 ISP who will supply external IP addresses and DNS services. We are installing AD and would like to use the registered domain name for simplicity and in case the web server and email are brought in-house in the future. Can I use the registered domain name for the AD domain and the internal DNS without conflicting with the email hosting ISP? Suggestions on how would be appreciated.
Thanks in advance
 
There's no reason why you cannot use your company name for your AD.
 
Yes, surely you can, but make sure you know how to use it. It will save you trouble if you just name it .local. When the web server and mail server come you can still accommodate them, because you're gonna put them in the DMZ and it's just a matter of configuring DNS (external and internal) records (MX) and forwarders to accomplish these things.

But since you're interested in using your registered name, then for the meantime make sure you do not use public IPs (use private IPs internally), let the router do the NATing, and if possible use a firewall.
 
You can choose whatever namespace you like, although Microsoft prefers a child domain of your Internet DNS name (ad.companyname.com).

The only problem I can see is if you manage your Internet DNS in house and have a huge number of DNS entries; in this case the DNS administrator can get confused as to whether to register a DNS change on the internal or external DNS. As most SMEs seem to have MX and web DNS names managed by their ISP, it doesn't really become a problem. Be careful how you configure your web proxy and its DNS though, because you may find that you have to edit the "bypass webproxy" in Internet Explorer for each internal resource you need to browse using Internet Explorer.
 
This has been discussed in so many threads and other forums before and I have never seen two people agreeing on this subject. Even Microsoft seems to change its 'best practice' on a regular occasion. Here is my personal favorite:

Set up a split brain DNS, which means that you use your registered .com domain name for your AD. Register any external records like in the internal DNS with the corresponding external IP addresses (otherwise your internal clients won't be able to visit your website).

The end conclusion is that both setups work very well if they are correctly installed and configured. Some additional DNS Best Practice information can be found at
regards,


Jeffrey Kusters

MCSA, MCSE, CCNA
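
A consistency check for the split-brain setup discussed in this thread, as an added example that is not part of any poster's reply: it compares the ISP-hosted public zone with the internal AD zone and reports public names the internal zone lacks, records that differ between the two views, and RFC 1918 addresses published externally. The zone contents, host names other than companydomain.com, addresses and function names are all constructed assumptions.

```python
import ipaddress

# Constructed sample data (not from the thread), one "name type value" per line.
EXTERNAL_ZONE = """\
companydomain.com.          MX  10 mail.companydomain.com.
www.companydomain.com.      A   203.0.113.10
mail.companydomain.com.     A   203.0.113.25
intranet.companydomain.com. A   192.168.1.20   ; constructed mistake
"""
INTERNAL_ZONE = """\
dc1.companydomain.com.      A   192.168.1.10
mail.companydomain.com.     A   203.0.113.25
intranet.companydomain.com. A   192.168.1.20
"""
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_zone(text):
    """Return {(name, type): set(values)} from 'name type value' lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        records.setdefault((name.lower(), rtype.upper()), set()).add(" ".join(value.split()))
    return records

def missing_internally(external, internal):
    """Public records absent from the internal zone. The internal server is
    authoritative for the same name, so it answers NXDOMAIN instead of forwarding."""
    return sorted(k for k in external if k not in internal)

def mismatched(external, internal):
    """Records present in both views but carrying different values."""
    return sorted(k for k in external if k in internal and external[k] != internal[k])

def private_in_external(external):
    """A records in the public zone that publish RFC 1918 addresses."""
    return sorted((name, v) for (name, rtype), vals in external.items() if rtype == "A"
                  for v in vals if any(ipaddress.ip_address(v) in n for n in RFC1918))

def audit(external_text, internal_text):
    ext, internal = parse_zone(external_text), parse_zone(internal_text)
    return {"missing_internally": missing_internally(ext, internal),
            "mismatched": mismatched(ext, internal),
            "private_in_external": private_in_external(ext)}
```

Calling `audit(EXTERNAL_ZONE, INTERNAL_ZONE)` on the sample data flags the MX and `www` records as missing from the internal view and the `intranet` record as an internal address exposed in the public zone.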
 