We're creating a new network and are having problems deciding on the internal domain name. Should it be the same as our .sch.uk (very long!) web address or can it be something a bit shorter?
Most people use .local. It's more secure as it can't propagate onto the internet; still, it'll have to be a bad setup to do it anyway. Most people use admin.local or such; it doesn't really matter unless you intend to join your AD with other schools or such.
You'll have to ask around (here) how you add your .sch.uk so you can use it with Exchange (etc), assuming you have it.
Use .internal here, as .local is used with Zeroconf/Bonjour etc. Easier not to use the school domain unless you're hosting authoritative DNS servers for your domain, which I believe very few, if any, schools do for sch.uk domains. Otherwise you'll get into issues with websites etc.
We use schoolname.internal here.
Exchange isn't an issue as AD domain name isn't tied into SMTP domain name.
Yes, I agree with Diello because if you set your internal domain to the same as your externally hosted website you will get problems with accessing the site.
This is because when an internal client types the website address, your local DNS server will believe you're trying to access the internal resources. There are ways around this (Google: "Split DNS") but I don't really think it's worth it.
One thing I have noticed, however, is that when creating a new AD domain (I did this on Server 2008), make sure the NETBIOS domain name is to your liking, as it will appear on Vista and Windows 7 clients' logon screen. Although it only displays this name if you haven't set up Group Policy to hide the last logged in username.
Hope this is of some help when naming your new AD domain.
Ross
go on you know you want UVHS.INTERNAL :)
We have our full domain here (but the .org.uk version) and it's a royal PITA when trying to access things like ftp.domain.org.uk, as it looks internally, so my DNS is littered with external DNS IPs for our webservers and stuff to make them work, so it will be renamed, hopefully this summer, to .internal to stop this problem.
All these issues are easily dealt with using split DNS.
Use your ISP's DNS servers as forwarders and create A records for all external hosts on your internal DNS.
If your school is myschool.mylea.sch.uk
Add records for www.myschool.mylea.sch.uk etc. pointing to the external IP address so that your internal hosts know when they need to send packets to the outside world and not be looking around your LAN for something that isn't there!
IMOHO it doesn't make any difference if you use the school's FQDN or .whatever as long as it's not somebody else's!
I remember visiting a very well known Academy in Sth London that had decided not only to use a public IP address range internally but also called its internal domain BA.COM
Laugh, I nearly bought my own beer.....
Another mega mistake is to use a single label internal domain name.
Mainly because you can't use the Domain Rename tools in 2003/2008 if the AD domain has been set up as a single label domain! You will eventually have to rebuild the AD completely.
Information about configuring Windows for domains with single-label DNS names
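With the split DNS setup described in the posts above, the internal server is authoritative for the shared zone, so a public host with no internal A record, or with an outdated one, stops working for internal clients. The following is an added example, not code from any poster in this thread, that audits those overrides; the `dc1` and `mail` hosts, the `notmyschool` zone and every address are constructed sample data.

```python
# Added example: audit split-DNS overrides when the AD zone equals the public domain.

def norm(name):
    """Lower-case a DNS name and drop any trailing dot."""
    return name.strip().lower().rstrip(".")

def in_zone(name, zone):
    """True if name is the zone apex or a child of it (label-boundary match)."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def audit_split_dns(ad_zone, internal, public):
    """Classify each public hostname as seen from an internal client.
    forwarded: outside the AD zone, so the forwarders answer
    missing:   in the AD zone but absent internally, so lookups fail
    stale:     internal override differs from the public address
    ok:        internal override matches the public address
    """
    internal = {norm(k): set(v) for k, v in internal.items()}
    result = {}
    for host, addrs in public.items():
        host = norm(host)
        if not in_zone(host, ad_zone):
            result[host] = "forwarded"
        elif host not in internal:
            result[host] = "missing"
        elif internal[host] != set(addrs):
            result[host] = "stale"
        else:
            result[host] = "ok"
    return result

AD_ZONE = "myschool.mylea.sch.uk"
INTERNAL = {  # constructed: A records held on the internal DNS server
    "dc1.myschool.mylea.sch.uk": {"10.0.0.10"},
    "www.myschool.mylea.sch.uk": {"192.0.2.80"},
    "ftp.myschool.mylea.sch.uk": {"192.0.2.21"},
}
PUBLIC = {  # constructed: A records served by the public DNS host
    "WWW.myschool.mylea.sch.uk.": {"192.0.2.80"},
    "ftp.myschool.mylea.sch.uk": {"198.51.100.21"},   # host moved externally
    "mail.myschool.mylea.sch.uk": {"192.0.2.25"},     # never overridden
    "www.notmyschool.mylea.sch.uk": {"203.0.113.5"},  # different zone
}

if __name__ == "__main__":
    for host, status in sorted(audit_split_dns(AD_ZONE, INTERNAL, PUBLIC).items()):
        print(f"{status:9} {host}")
```

In practice the `public` mapping would be filled from a resolver outside the network; here both sides are embedded so the check runs offline.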