.local vs top level domain
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
in Off-Topic
We are having a bit of an argument here.
When would you give AD a .local domain and when a top level domain ?
Obviously .local isn't routeable .. but in that particular case it doesn't have to.
Basically there is one Server which supposed to run Exchange (also acting as domain controller) and one webserver which will be joined to the domain.
The exchange server will host one domain which ie. example.com .. and the webserver will host the website example.com
Now - would you name the actuall AD example.com or example.local ?
When would you give AD a .local domain and when a top level domain ?
Obviously .local isn't routeable .. but in that particular case it doesn't have to.
Basically there is one Server which supposed to run Exchange (also acting as domain controller) and one webserver which will be joined to the domain.
The exchange server will host one domain which ie. example.com .. and the webserver will host the website example.com
Now - would you name the actuall AD example.com or example.local ?
My own knowledge base made public: http://open902.com
Comments
-
jibbajabba Member Posts: 4,317 ■■■■■■■■□□Canadian IT Professionals : To use a .Local or real internet DNS name for SBS (Small Business Server)
Nice article ..My own knowledge base made public: http://open902.com -
dynamik Banned Posts: 12,312 ■■■■■■■■■□It's typically a best practice to give the internal domain a different name than the external name. There's a variety of ways to do this. You could make it a child domain, such as ad.company.com, or you could give it a different suffix such as company.local or company.corp. Like you said, you'll probably have some trouble using those on the internet. However, why would you want your AD traffic on the internet? You should be using VPNs or something else to connect to other internal networks. As far as Exchange goes, I believe you can create a mapping or something from your external domain to your internal domain, so that will work transparently and seamlessly. I'm sure Royal will be able to elaborate.
-
royal Member Posts: 3,352 ■■■■□□□□□□I'm sure Royal will be able to elaborate.
So with Exchange, if you're using the same domain name for AD and external, not really much you have to do on Exchange. If you're using different domain names, you'd create an Accepted domain which matches your external namespace and then create an e-mail address policy so it assigns users this external namespace and have it mark that namespace as their Primary SMTP Address. Pretty simple.
And yes, I'm also a fan of having your AD name different. .local or a subdomain of your internet namespace that isn't used externally that will be your forest root domain. You can always create a regular primary dns zone that matches your external namespace should you have the need for Split-Brain DNS.“For success, attitude is equally as important as ability.” - Harry F. Banks -
mr2nut Member Posts: 269It can be anything too. thiscompanyis.mine for example.
It's purely there to stop internal traffic from routing to the outside world i.e. .co.uk .com etc. etc.