3

It's common convention to name a domain something like companyname.local for internal Active Directory with integrated DNS.

I'm in a situation where the company name has changed and I would like to rename the domian. I'm aware of the difficulty and implications. I would like to rename it from 'abccorporate.local' to just 'xyz'. I can't think of any reason to keep the '.local', is there one?

Ben Pilbrow
  • 11,995
  • 5
  • 35
  • 57
Ryan
  • 149
  • 8
  • 1
    See the related question http://serverfault.com/questions/71052/choosing-local-versus-public-domain-name-for-active-directory. http://serverfault.com/questions/17255/top-level-domain-for-private-networks/17566 You should not be using .local according to Microsoft. – Zoredache Jul 27 '10 at 04:46
  • 1
    It is worth noting that even '.local' can cause issues. Refer to http://serverfault.com/questions/17255/top-level-domain-for-private-networks/17566 and review the accepted answer. The best practice is to use a subdomain of a real domain that is registered in the company's name. – Skyhawk Jul 27 '10 at 04:49

1 Answers1

5

What you are looking at is a Single-Label domain. It is a very very bad idea. There are many lists out there detailing the kind of horror you are looking at if you name your domain like this. There simply is no good reason to do this. What I would suggest doing is use a subdomain of a domain name your company owns. For instance, if your company owns xyz.com, name your AD domain ad.xyz.com. Here's a link you may want to check out regarding Single-Level domains:

http://support.microsoft.com/kb/300684

ThatGraemeGuy
  • 15,314
  • 12
  • 51
  • 78
Jason Berg
  • 18,954
  • 6
  • 38
  • 55
  • Newer Microsoft software does not support single-label domains, such as Exchange 2010 and Sharepoint 2010. Server 2008 R2 also flat out refuses to work in such an environment. – Mark Henderson Jul 27 '10 at 04:43
  • P.S. that WikiAnswers is just a (poor) copy/paste of the KB article you linked to – Mark Henderson Jul 27 '10 at 04:46
  • Well...I want to remove the link (might as well not support poor copy/paste jobs)...I keep getting the "It's not you, it's me" SF error message when I try to edit...I guess this is the lords of SF deciding they want that link :-) – Jason Berg Jul 27 '10 at 04:55
  • I did consider the scenario you mentioned, ad.example.com or internal.example.com. However the point was to simplify the domain name, not lengthen it. Nevertheless it appears the dcpromo wizard blocks it anyway in server 08. I think a domain collision is quite remote but then again why not do things correctly and use a legitimate FQDN? Thanks for the links and enlightenment. – Ryan Jul 27 '10 at 05:42