What do I join when I name my domain with .local

Question

If I name my Active Directory domain "foo.local", what domain do I tell the (Windows) computer to join to? Do I put in "foo.local" or just "foo"?

See: http://serverfault.com/questions/17255/top-level-domain-for-private-networks/17566 http://serverfault.com/questions/47087/using-local-for-internal-websites http://serverfault.com/questions/89644/naming-windows-server-2008-domains for discussion of the usage of .local Quoting Microsoft **Using unregistered suffixes is not recommended. Using single label names, such as .local, is not supported.** — Zoredache, Jun 26 '10 at 03:53
Interesting, I'm sure I saw Microsoft documentation that suggested .local should be used, possibly for Small Business Server. Agreed that this is not a good idea. — pjc50, Jul 22 '10 at 15:51

score 4 · Accepted Answer · answered Jun 25 '10 at 23:12

4

You can join the domain using foo or foo.local. Foo is the single label NetBIOS name of the domain and foo.local is the DNS FQDN of the domain. Using either one to join the domain is valid, although I prefer to always type the FQDN.

answered Jun 25 '10 at 23:12

joeqwerty

108,377
6
80
171

score 1 · Answer 2 · answered Jun 25 '10 at 23:03

1

You would put foo.local, but you shouldn't use a .local TLD for an AD domain.

answered Jun 25 '10 at 23:03

MDMarra

100,183
32
195
326

Mark: I have worked for a company that had named its AD domain 'company-initials.local', with a NetBIOS-friendly name of 'companyname'. Although I was not involved in the naming decision, which took place before my arrival, I observed no obvious ill effects. Given your extensive knowledge of the subject, I am very curious to understand why you would recommend against this practice. – Skyhawk Jun 25 '10 at 23:12
1

@Miles Erickson - .local isn't a real TLD. What's to say it won't ever become one? If all of a sudden someone else owns yourcompany.local, you have the "internal DNS thinks it is authoritative for a zone that it really isn't" problem. The generally accepted way of doing it safely is to make it a subdomain of a current domain that you own that isn't routable on the Internet. Something like ad.yourcompany.com or internal.yourcompany.com, etc. – MDMarra Jun 25 '10 at 23:15
@Miles Erickson, I suspect you never had computers running OS X on that network either. Bonjuer does weird things where .local is used. Read up on the discussion on some of the questions I linked to. – Zoredache Jun 26 '10 at 03:50
& @Zoredache: Thanks, makes perfect sense. I appreciate you taking the time to explain! – Skyhawk Jun 27 '10 at 05:25

What do I join when I name my domain with .local

2 Answers2