Internal vs. External Domain Names

  • Thread starter Thread starter XXXXXXXXXXX
  • Start date Start date
X

XXXXXXXXXXX

Hi Everyone:

I am planning an Windows 2003 Active Directory domain for a client company.
The external domain name, for example, MYDOMAIN.com is registered and has an
active website on the Internet. The web server is hosted externally by a
third party outside the client's LAN. The internal domain name under AD is
inside.MYDOMAIN.com.

Also, Exchange 2000 server is on the internal network to process mail on
user accounts such as (e-mail address removed) and (e-mail address removed) who is
the same end user.

1) Is this separations sufficient to maintain security between the
external vs. internal domains? (Assume hardware firewalls are in place
etc.)

2) Would AD see inside.MYDOMAIN.com as the root domain or would it
be seen as some kind of child domain?

3) What other domain issues should I be concerned about?

4) What other Exchange issues should I be concerned about?

Thanks for any input and help.

Oren
 
There are a couple of ways to go. Whatever AD domain you create will be the root
domain for the forest. You might want to consider a "split brains" dns configuration
and name the internals domain the same as the external. To do that you can keep the
internet/intranet separate with your firewall but then you need to put a static
address in the internal AD dns zone for your internet web site so that internal users
can access the external website and whoever hosts your dns zone for the internet may
need to add MX records for Exchange Server. I am not all that familiar with the
Exchange configuration, but if you post in the win2000.dns newgroup, they can give
you lots of input on your options. The link below discusses split brains dns. ---
Steve

http://www.microsoft.com/serviceproviders/whitepapers/split_dns.asp
 
Back
Top