Thanks again, Right now we don't have an internal DNS we are using our ISP's DNS .and I don't thin in the future our College will be changing name ever .I like your AD philosophy it makes sense.
[EMAIL PROTECTED] writes: >Depends. > >Do you have an existing internal DNS infrastructure for emmanuel.edu? If >so, you may want to use subdomains for your AD domains, since you can >easily delegate these subdomains to AD DNS servers and not disrupt your >existing DNS servers. > >I didn't mention this, but this DNS issue also applied to us. Our >internal kimball.com DNS is hosted on bind/unix. We wanted the DNS for >our AD domains to be on win2k, so our unix DNS server delegates >kii.kimball.com and ads.kimball.com to our win2k DNS servers. Our >kii.kimball.com and ads.kimball.com DNS servers are secondaries for each >other and for kimball.com. The unix/bind DNS server is secondary for kii >and ads. Our AD DNS servers also forward to the kimball.com DNS server >for unknowns. > >Works like a charm (once you figure out the win2k DNS can't do >multi-record-per-packet transfers, even though it says it can...) > >One other point worth mentioning. The current philosophy in AD design is >to use a completely unrelated DNS domain for your AD so that if your >organization changes names, you won't be stuck trying to rename your >forest. According to the current wisdom, you should register a domain >like "sdfgde.org" and use that for your AD. Others skip registering a >domain, and use a TLD that will never be used in the real world - >something like ads.fart, perhaps. > >-----Original Message----- >From: Brahim Bouchaiba [mailto:[EMAIL PROTECTED] >Sent: Wednesday, March 05, 2003 10:16 AM >To: [EMAIL PROTECTED] >Subject: Re: RE: [ActiveDir] choosing names for AD > > >Thanks Ken, >My situation is just little slight different : >1-our registered domain is Emmanuel.edu >2-right now I don't have any main domains (referring to kII.kimball.com) >so would i be better off just using Emmanuel.edu as the empty root.or >add like subdomain for example xx.emmanuel.edu. > > > > >[EMAIL PROTECTED] writes: >>Yes, this is exactly how we did our AD implementation. >> >>Our registered domain is "kimball.com" >> >>Our empty root is "ads.kimball.com" >>Our main domain is "kii.kimball.com" (this domain started out as an NT4 > >>domain called KII) >> >>We run split-brain DNS: our internal and external DNS are separate. To >>eliminate user confusion, all of our internal web sites start with >>"kww" >>(ie: kww.kimball.com). >> >>If I were doing it again, I would migrate KII to kii.ads.kimball.com to > >>simplify our DNS (now we have 4 DNS servers: 2 ADS domain controllers, >>and 2 KII DCs). We went with the original scheme to keep the DNS FQDNs >>shorter, but there is really no need. The end users don't see them, and > >>admins very seldom have to type the whole thing out. >> >>-----Original Message----- >>From: Brahim Bouchaiba [mailto:[EMAIL PROTECTED] >>Sent: Wednesday, March 05, 2003 8:01 AM >>To: [EMAIL PROTECTED] >>Subject: [ActiveDir] choosing names for AD >> >> >> >>Hello all, >>My company has registered DNS domain name suffix called xx.com. My >>question is can I use this domain suffix as name for the forest root or > >>another subdomain like corp.xx.com for the active directory .Putting in > >>consideration that our website is www.xx.com is hosted by another >>company and that when i 'll set up the internal DNS I will use our ISP >>DNS as forwarder .I'm afraid that internal and external namesoace will >>overlap.Any ideas please.thanks >> >>List info : http://www.activedir.org/mail_list.htm >>List FAQ : http://www.activedir.org/list_faq.htm >>List archive: >>http://www.mail-archive.com/activedir%40mail.activedir.org/ >>List info : http://www.activedir.org/mail_list.htm >>List FAQ : http://www.activedir.org/list_faq.htm >>List archive: >>http://www.mail-archive.com/activedir%40mail.activedir.org/ >> >> > > > >Brahim Bouchaiba >Network administrator >Information technology >617-7359720 > >List info : http://www.activedir.org/mail_list.htm >List FAQ : http://www.activedir.org/list_faq.htm >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ >List info : http://www.activedir.org/mail_list.htm >List FAQ : http://www.activedir.org/list_faq.htm >List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > Brahim Bouchaiba Network administrator Information technology 617-7359720 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
