Windows Server 2000/2003 Thread, Installing Active Directory in Technical; What is the best practice for setting up AD?
How should I go about setting up the name space? If ...
4th April 2011, 06:19 PM #1
Installing Active Directory
What is the best practice for setting up AD?
How should I go about setting up the name space? If I had a domain what are the reasons not to setup the domain name in AD the same as my external one?
I had a look but I could not find anything set in stone on the web so after your thoughts on this one.
4th April 2011, 06:33 PM #2
There's plenty on these specific topics on the MSFT website to include best practices.
Generally you should keep your external and internal namespace separate, this can cause issue with DNS and lookups. For detailed explanation see the AD planning guide on the MSFT website, if you can find I'll send the link.
4th April 2011, 07:01 PM #3
Cheers for that Sukh. You put the right keywords in there which seems to have put the right results up in Google!!
4th April 2011, 07:55 PM #4
Originally Posted by MatthewL
Once you know how to Google! you can work out anything hehe
Key is just to keep AD organized and structured, keep external and internal name space separate (shocking how many people don't)
4th April 2011, 10:11 PM #5
I know that split DNS can be useful (so if you query my public facing DNS you only see the records I want you to see and you don't see the details of my internal servers) but why else is it needed? (I've worked in places which do split and don't split and have good reasons for that so I'd guess I'm wondering why you're so definite that you should split)
Originally Posted by EduTech
5th April 2011, 12:10 AM #6
It is MSFT best practice to do so and also industry best practise. I have too seen AD deployments which share the same external namespace but the not for the rights reasons.
DNS Namespace Planning
Naming conventions in Active Directory for computers, domains, sites, and OUs
Best Practice Active Directory Design for Managing Windows Networks
5th April 2011, 12:26 AM #7
Don't get me wrong I have seen it setup not splitting the DNS before i in fact worked with it prior to moving over the split DNS, I guess people do have right reasons as to why they do it that way but there has been a few common faults with doing it. I'm not saying that if someone already has it in place it is a massive problem that they need to change but if your looking at re-building your Domain then I personally recommend and as sukh pointed out it is MSFT best practice to do so, and therefore in this case i am recommending that the OP considers the split dns route.
Originally Posted by srochford
5th April 2011, 12:29 AM #8
Thanks for the replies gives me something to go on.
5th April 2011, 02:38 AM #9
- Rep Power
Also - try to aVoid .local if you really want to future proof. Just in case someone gets the bright idea for some dumb reason to want Macs integrated into your network. Macs use .local which conflicts with heir bonjour service. There are work arounds but to be safe you could avoid it by not using .local.
I work for Paradise Unified School District. To make it simple our domain is paradise.usd. . Looks neat too! Lol. Ohh the joys
Of bein in IT. haha.
By NotVeryPC in forum Mac
Last Post: 31st May 2011, 09:05 AM
By steveo2000 in forum Windows Server 2000/2003
Last Post: 19th May 2010, 10:50 AM
By steveo2000 in forum Mac
Last Post: 6th April 2009, 11:26 PM
By Neville in forum Windows
Last Post: 25th June 2008, 04:24 PM
Last Post: 31st January 2008, 01:17 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)