In my experience, you can use your registered domain if you like, but be aware that you should probably use different server names on your external-facing DNS. This avoids problems with VPN connections from the outside.
Ryan Malayter Sr. Network & Database Administrator Bank Administration Institute Chicago, Illinois, USA PGP Key: http://www.malayter.com/pgp-public.txt ::::::::::::::::::::::::::::::: We have just enough religion to make us hate, but not enough to make us love one another. -Jonathan Swift -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED]] Posted At: Friday, October 11, 2002 6:54 AM Posted To: Windows 2000 List Conversation: AD naming Subject: RE: AD naming > If you want to keep the two independent (and it sounds like > you do), what's > wrong with building the structure around 'octech.local' or > 'octech.prv'? Plenty. That style of naming standard was the original suggestion following some of the JDP installs, prior to AD going gold. Since that time, however, it has been strongly suggested that you use valid, registered domain names for all AD work, specifically for guaranteed uniqueness. I would suggest one of two things - 1) Using your external domain name internally, and implement split DNS. This is a little more complicated from the DNS perspective, but isn't that hard. 2) Acquire new domain name(s) from the registrar of your choice, and use those names for your AD infrastructure. This really is an easy way to do it, since there is no confusion for less DNS saavy admins, and you don't end up with long domain names. I've done both, and both work well. In fact, I just completed a migration using the second format - we're now using 2 generic DNS domains internally, that have nothing to do with our company's public DNS presence. Roger ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Steve Molkentin [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 10, 2002 6:56 PM > To: NT 2000 Discussions > Subject: RE: AD naming > > > Mr Foley (OK, making an assumption here), > > Having your internal DNS structure = your Net structure has > it's benefits if > you are trying to access 'stuff' inside your organisation > from the Net. > > If you want to keep the two independent (and it sounds like > you do), what's > wrong with building the structure around 'octech.local' or > 'octech.prv'? > > I'm glad to be wrong or have misunderstood your > requirements... interesting > to hear what other's think (and what you think). > > themolk. > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, 9 October 2002 11:24 am > > To: NT 2000 Discussions > > Subject: AD naming > > > > > > Sorry if this is a repeat, not sure if my last message got on > > the list. > > I am creating a new root forest on a new domain controller > > that will be > > the first server with AD running on our network. I am > planning to use > > ADMTv2 to migrate users and want to keep both domains running > > for awhile. > > Anyway, my question is this. Should I use my registered DNS > > domain name > > octech.edu for the forest root, or should I use something like > > local.octech.edu or inside.octech.edu? I run DNS on my PDC > now but I > > don't send my ISP zone transfers (it's behind the firewall). > > They have a > > list of all my servers that need outside access (email, > > public web page, > > etc.) which they put in their name servers manually. > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
