We've had internal and external the same for several years and no issues. Split-brain DNS isn't a problem and it makes life for the clusers simpler. Internal DNS is AD and has all the info one would normally see in an Active Directory DNS. External is a standalone DNS server, with only "A" records for web sites, MX and SPF for mail services. Very low maintenance. The users know www.vhcc.edu works from anywhere.

It also makes SSL certificates simpler. Say I have OWA secured. How does a cert work if I access it internally via owa.vhcc.local versus externally via owa.vhcc.edu? On this last point, I'm just asking as I've never had to deal with that scenario, but I can see it as a hurdle if you do go the different namespaces route.
-----Original Message-----
From: Joseph Heaton [mailto:[email protected]]
Sent: Wednesday, April 28, 2010 10:22 AM
To: NT System Admin Issues
Subject: Current AD domain naming best practices

We are currently in the beginning phases of migrating from Novell eDirectory to AD. We are having discussions to decide on a new internal domain name. I know that years ago, it was best practice to have a different internal domain name from your external domain name, which is what the Novell guy is holding onto, like a pitbull to a mailman's leg. Is that still true today? We are on private IPs internally, so external forces can't route to the inside anyway, so my thinking, and the other Windows admins', is that having the same FQDN internally would be OK.

TIA,
Joe

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
