3

I've been doing some reading on suggested top-level-domains for AD and whatnot. I used to setup domains as company.local and that worked just fine, however, more people want to use their external domain company.com instead of the .local suffix.

I've got a quick clarification question, how am I supposed to set up my first forest if we're going to actually use our registered domain name?

It's easy enough to setup a new forest with company.com but wouldn't I then have to add a child-domain of corp.company.com to a new DC? Essentially requiring two DCs just to set up the one domain.

Or would I create the first forest as corp.company.com and be done with it? That seems to make a lot more sense.

Kyle Johnson
  • 163
  • 1
  • 2
  • 8

2 Answers2

7

Bingo on your last statement.

Set up your AD forest as corp.

corp.company.com.

Edit: Also read this post by MDMarra: What should I name my Active Directory?

Ryan Ries
  • 55,011
  • 9
  • 138
  • 197
1

The recommendation/idea you're expressing isn't quite correct. The recommendation is not to use your publicly registered domain name as the name of your AD domain. The recommendation is to use a sub-domain of your publicly registered domain name. More specifically, the recommendation is to use a sub-domain that you do not plan to use in your public DNS namespace. Your example is a perfect example of how to do it.

Public namespace: company.com

AD namespace: corp.company.com

joeqwerty
  • 108,377
  • 6
  • 80
  • 171