The thing to realize about AD and DNS is that whatever you
name your AD, that new suffix becomes all-important to
your clients. It is with that suffix that your clients
find DCs and other services. Dynamic Updates also must be
turned on for that zone.
So if you want to keep your mydomain.com clean of a
million new records, I can't say I blame you (especially
if you open up DYDNS to all clients).
I can give you two quick examples. We have a DNS zone
called company.com. We had an NT4 domain called "domain."
We have two physical locations, and each location had
its own primary zone: "Loc1.company.com"
and "Loc2.company.com"
When it came time to make "domain" an AD we had to decide
whether to change the AD name to match one of the existing
DNS zones or to create a whole new zone. We decided to
basically create an AD only zone
called "domain.company.com" thus separating our AD zone
from our pure DNS zones (which sounds like what you want
to do).
I also upgraded another NT4 domain from "otherdomain"
to "otherdomain.company.com" thus merging the pure DNS and
the AD dns. The reason for this was that we didn't want
to go through the trouble of changing the netbios name.
Both instances work just fine. Just be aware that when
you add a 2k machine to the AD, it automatically changes
the primary suffix of the machine. So it is important
that you either supply a suffix search order or make sure
all of your stuff uses the FQDN.
One thing we did do that I highly recommend if you are a
multi-locationed shop is to bring up an empty forest
root. That would mean that you have just a DC or two
using the company.com zone. Do a search on deja.com for
empty forest root to learn more.
-Jack
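An added example, not part of Jack's post, that checks the three things he describes on a modern Windows box: that the DC locator SRV records exist under the AD suffix, that the AD zone allows dynamic updates, and what the client's primary suffix and suffix search list look like after a join. The names domain.company.com, dc1.domain.company.com and the Loc1/Loc2 zones are assumptions taken from his layout; substitute your own. The zone check needs the DnsServer RSAT module and rights on the DNS server; the rest runs on any Windows 8/2012 or later client.

```powershell
# Added example (not from the original post). Names below are assumptions.
$AdDnsName  = 'domain.company.com'            # AD-only zone, as in the post
$DnsServer  = 'dc1.domain.company.com'        # a DC that also runs DNS
$SearchList = @('domain.company.com',         # AD suffix first, then the
                'Loc1.company.com',           # pure DNS zones and the parent
                'Loc2.company.com',
                'company.com')

function Test-DcLocatorRecords {
    # Clients locate DCs through SRV records under the AD suffix. If these
    # do not resolve, no amount of fiddling with the DCs themselves helps.
    param([string]$Domain)
    $queries = @(
        "_ldap._tcp.dc._msdcs.$Domain",       # any DC in the domain
        "_kerberos._tcp.dc._msdcs.$Domain",   # KDCs
        "_ldap._tcp.pdc._msdcs.$Domain"       # PDC emulator
    )
    foreach ($q in $queries) {
        try {
            $srv = Resolve-DnsName -Name $q -Type SRV -ErrorAction Stop |
                   Where-Object { $_.Type -eq 'SRV' }
            foreach ($r in $srv) {
                '{0,-45} -> {1}:{2} (prio {3}, weight {4})' -f `
                    $q, $r.NameTarget, $r.Port, $r.Priority, $r.Weight
            }
        } catch {
            Write-Warning "No SRV answer for $q : $($_.Exception.Message)"
        }
    }
}

function Test-ZoneDynamicUpdate {
    # DCs and clients register their own records; the zone has to accept
    # that. 'Secure' (AD-integrated zones only) limits updates to the
    # account that owns the record, which is what you want once the zone
    # is open to every client.
    param([string]$Zone, [string]$Server)
    $z = Get-DnsServerZone -Name $Zone -ComputerName $Server
    'Zone {0}: type={1} ADIntegrated={2} DynamicUpdate={3}' -f `
        $z.ZoneName, $z.ZoneType, $z.IsDsIntegrated, $z.DynamicUpdate
    if ($z.DynamicUpdate -eq 'None') {
        Write-Warning "Dynamic update is off; DCs cannot register SRV records."
        # Fix (run deliberately, not by accident):
        # Set-DnsServerPrimaryZone -Name $Zone -ComputerName $Server -DynamicUpdate Secure
    }
}

function Show-ClientSuffixState {
    # Joining the domain rewrites the primary DNS suffix ("NV Domain") to
    # the AD name unless SyncDomainWithMembership is 0. Short names in the
    # old pure DNS zones then only resolve if they are in the search list.
    param([string[]]$WantedSearchList, [switch]$Apply)
    $tcpip = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
    $p = Get-ItemProperty -Path $tcpip
    'Primary DNS suffix : {0}' -f $p.'NV Domain'
    'Sync with join     : {0}' -f $p.SyncDomainWithMembership
    $current = (Get-DnsClientGlobalSetting).SuffixSearchList
    'Suffix search list : {0}' -f ($current -join ', ')
    $missing = $WantedSearchList | Where-Object { $_ -notin $current }
    if ($missing) {
        Write-Warning ("Search list is missing: " + ($missing -join ', '))
        if ($Apply) {
            # Alternative is to push the same list via Group Policy.
            Set-DnsClientGlobalSetting -SuffixSearchList $WantedSearchList
        }
    }
}

Test-DcLocatorRecords -Domain $AdDnsName
Test-ZoneDynamicUpdate -Zone $AdDnsName -Server $DnsServer
Show-ClientSuffixState -WantedSearchList $SearchList   # add -Apply to fix
```

Run it from an elevated prompt on a freshly joined machine; the first function failing while the second shows DynamicUpdate=None is the classic symptom of a new AD zone that was never allowed to accept registrations.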