+ Post New Thread
Results 1 to 9 of 9
Windows Server 2000/2003 Thread, Installing Active Directory in Technical; What is the best practice for setting up AD? How should I go about setting up the name space? If ...
  1. #1

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,312
    Thank Post
    13
    Thanked 237 Times in 225 Posts
    Rep Power
    69

    Installing Active Directory

    What is the best practice for setting up AD?

    How should I go about setting up the name space? If I had a domain what are the reasons not to setup the domain name in AD the same as my external one?

    I had a look but I could not find anything set in stone on the web so after your thoughts on this one.

  2. #2

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    78
    Hi

    There's plenty on these specific topics on the MSFT website to include best practices.

    Generally you should keep your external and internal namespace separate, this can cause issue with DNS and lookups. For detailed explanation see the AD planning guide on the MSFT website, if you can find I'll send the link.

    Sukh

  3. #3

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,312
    Thank Post
    13
    Thanked 237 Times in 225 Posts
    Rep Power
    69
    Cheers for that Sukh. You put the right keywords in there which seems to have put the right results up in Google!!

  4. #4

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,075
    Thank Post
    160
    Thanked 937 Times in 731 Posts
    Blog Entries
    3
    Rep Power
    275
    Quote Originally Posted by MatthewL View Post
    Cheers for that Sukh. You put the right keywords in there which seems to have put the right results up in Google!!


    Once you know how to Google! you can work out anything hehe

    Key is just to keep AD organized and structured, keep external and internal name space separate (shocking how many people don't)

    James.

  5. #5

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,158
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Quote Originally Posted by EduTech View Post

    Key is just to keep AD organized and structured, keep external and internal name space separate (shocking how many people don't)
    I know that split DNS can be useful (so if you query my public facing DNS you only see the records I want you to see and you don't see the details of my internal servers) but why else is it needed? (I've worked in places which do split and don't split and have good reasons for that so I'd guess I'm wondering why you're so definite that you should split)

  6. #6

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    78
    It is MSFT best practice to do so and also industry best practise. I have too seen AD deployments which share the same external namespace but the not for the rights reasons.

    DNS Namespace Planning

    Naming conventions in Active Directory for computers, domains, sites, and OUs

    Best Practice Active Directory Design for Managing Windows Networks

    Sukh

  7. #7

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,075
    Thank Post
    160
    Thanked 937 Times in 731 Posts
    Blog Entries
    3
    Rep Power
    275
    Quote Originally Posted by srochford View Post
    I know that split DNS can be useful (so if you query my public facing DNS you only see the records I want you to see and you don't see the details of my internal servers) but why else is it needed? (I've worked in places which do split and don't split and have good reasons for that so I'd guess I'm wondering why you're so definite that you should split)
    Don't get me wrong I have seen it setup not splitting the DNS before i in fact worked with it prior to moving over the split DNS, I guess people do have right reasons as to why they do it that way but there has been a few common faults with doing it. I'm not saying that if someone already has it in place it is a massive problem that they need to change but if your looking at re-building your Domain then I personally recommend and as sukh pointed out it is MSFT best practice to do so, and therefore in this case i am recommending that the OP considers the split dns route.

    James.

  8. #8

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,312
    Thank Post
    13
    Thanked 237 Times in 225 Posts
    Rep Power
    69
    Thanks for the replies gives me something to go on.

  9. #9

    Join Date
    Nov 2010
    Location
    California
    Posts
    137
    Thank Post
    0
    Thanked 24 Times in 22 Posts
    Rep Power
    13
    Also - try to aVoid .local if you really want to future proof. Just in case someone gets the bright idea for some dumb reason to want Macs integrated into your network. Macs use .local which conflicts with heir bonjour service. There are work arounds but to be safe you could avoid it by not using .local.

    I work for Paradise Unified School District. To make it simple our domain is paradise.usd. . Looks neat too! Lol. Ohh the joys
    Of bein in IT. haha.



SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 6
    Last Post: 31st May 2011, 09:05 AM
  2. Icon Transparency using Active Directory and Active Desktop Backgrounds
    By steveo2000 in forum Windows Server 2000/2003
    Replies: 2
    Last Post: 19th May 2010, 10:50 AM
  3. Replies: 0
    Last Post: 6th April 2009, 11:26 PM
  4. Active Directory
    By Neville in forum Windows
    Replies: 6
    Last Post: 25th June 2008, 04:24 PM
  5. Replies: 7
    Last Post: 31st January 2008, 01:17 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •