Hi,
I have questions regarding Active Directory and DNS namespace for hosting IIS servers.
We currently are looking hosting Sharepoint to be accessible from internal as well as external and we are putting the IIS webserver in our DMZ and creating a separate windows active directory forest for it. We are then going to use a one-way trust to the Internal network for authentication to the active directory.
My question is about the DNS namespace planning.
Say Internal Network's AD DNS domain is company.local (Single Forest)
There is also an internal Primary DNS set up for company.net on the trusted network (same domain controller).
there is currently a linux server configured on the DMZ as well using company.net namespace (no AD however).
Our company also has a web presence of company.net hosted by an Internet provider.
We now want to create a separate Active directory forest and domain called company.net in our DMZ so that this and any subsequent sharepoint sites we create can use *.company.net namespace
SSL is also something we want to implement for this.
How will having the internal Primary DNS already having company.net (and being SOA) and having the external domain called company.net + the ISP hosting our company.net going to affect things when the trust is configured as far as active directory is concerned ? How does it affect name resolution for authentication (if at all) in Sharepoint / IIS ? Does this affect SSL certificates at all ?
Do we simply have to make manual entries in each DNS (DMZ and Internal) to point to the correct server, etc like with did with the Linux server in the DMZ ?
Thanks in advanced for any thoughts on this...
I have questions regarding Active Directory and DNS namespace for hosting IIS servers.
We currently are looking hosting Sharepoint to be accessible from internal as well as external and we are putting the IIS webserver in our DMZ and creating a separate windows active directory forest for it. We are then going to use a one-way trust to the Internal network for authentication to the active directory.
My question is about the DNS namespace planning.
Say Internal Network's AD DNS domain is company.local (Single Forest)
There is also an internal Primary DNS set up for company.net on the trusted network (same domain controller).
there is currently a linux server configured on the DMZ as well using company.net namespace (no AD however).
Our company also has a web presence of company.net hosted by an Internet provider.
We now want to create a separate Active directory forest and domain called company.net in our DMZ so that this and any subsequent sharepoint sites we create can use *.company.net namespace
SSL is also something we want to implement for this.
How will having the internal Primary DNS already having company.net (and being SOA) and having the external domain called company.net + the ISP hosting our company.net going to affect things when the trust is configured as far as active directory is concerned ? How does it affect name resolution for authentication (if at all) in Sharepoint / IIS ? Does this affect SSL certificates at all ?
Do we simply have to make manual entries in each DNS (DMZ and Internal) to point to the correct server, etc like with did with the Linux server in the DMZ ?
Thanks in advanced for any thoughts on this...
