1

I have Active Directory 2012 running (just got it running like today) and I chose the domain "markonsolutions.com"

I now noticed that when I try to visit www.markonsolutions.com, DNS doesn't know what to do with it.

My questions:

1) Is it a bad practice to name our internal domain the same as our internet domain? (My intention was to simplify my users' lives by giving them the same log on as their email addresses.)

2) If it's not a big deal to have them both under the same name, how can I add www or any of my other sub domains to go out to the internet DNS?

Thanks

Crash893
  • Read this, it might make some things a little clearer for you: http://serverfault.com/questions/473529/what-should-i-name-my-active-directory – Ryan Ries Aug 26 '13 at 20:38

1 Answer

6

Q: Is this a bad practice to name our internal domain the same as our internet domain?

A: Yes it is.

Q: If it's not a big deal to have them both under the same name, how can I add www or any of my other sub domains to go out to the internet DNS?

A: Don't go down that road. Either rename the current domain or wipe it and start from scratch using an unused sub-domain, such as ad.markonsolutions.com.

EDIT:

Statement: "my intention was to simplify my users lives by giving them the same log on as their email addresses"

Retort: Set up a UPN suffix that matches the DNS suffix of the email address and configure that for your users. This will wind up matching the parent DNS suffix of your AD FQDN if you name your domain something like ad.markonsolutions.com (the UPN suffix will be markonsolutions.com).

joeqwerty
  • Thanks for the simple answers. So if I did AD.markonsolutions.com, would my users still be able to log on as jdoe@markonsolutions.com? – Crash893 Aug 26 '13 at 20:54
  • See my edit.... – joeqwerty Aug 26 '13 at 20:55
  • The UPN and email addresses that you choose to use have nothing to do with the domain name (as is explained in the linked question above that you've duped), really, so YES. – mfinni Aug 26 '13 at 20:57
  • @joeqwerty thanks for clearing that up (it will take me some research to understand it but it's pointing me in the right direction) @mfinni My point is that to the users they don't really give a $ they just want to log in and they all know their email addresses (hopefully) so to match them would be mutually beneficial – Crash893 Aug 26 '13 at 21:01
  • Also sorry if I'm hitting this dead horse a little too much. If I did ad.markonsolutions.com would the log on be "ad/jdoe" or would it be markonsolutions/jdoe? I just don't want to demote the servers again to test – Crash893 Aug 26 '13 at 21:02
  • The NetBIOS (down-level) logon would be AD\jdoe. The UPN logon would be jdoe@ad.markonsolutions.com. If you create a UPN Suffix for markonsolutions.com then you can set the UPN logon to be jdoe@markonsolutions.com. That was the originally intended purpose for the UPN, but it never really caught on. – joeqwerty Aug 26 '13 at 21:11
  • Technically, the NetBIOS name can be any allowed NetBIOS name, doesn't have to match any part of the DNS FQDN – mfinni Aug 26 '13 at 21:18
  • True but assuming the OP accepts the defaults when creating the domain, AD would be the NetBIOS name and AD.MARKONSOLUTIONS.COM would be the FQDN. – joeqwerty Aug 26 '13 at 21:24
  • Thanks for the insight, gents. I'm trying to keep it as close to defaults as possible as I've found wandering off the path usually bites you in the rear later – Crash893 Aug 26 '13 at 23:10
  • @joeqwerty I keep seeing NOT to use .local but can anyone explain why it's such a bad thing? – Crash893 Aug 27 '13 at 00:41
  • Okay, I see that Mac OS X will screw around with .local, but is there a reason not to make one up, markonsolutions.ad for example? – Crash893 Aug 27 '13 at 01:01
  • Because nothing prevents .AD from being registered as a TLD in the future. – mfinni Aug 27 '13 at 02:06
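
The UPN suffix setup described in the answer, sketched in PowerShell as an added example that is not part of the original thread. It assumes the ActiveDirectory module (RSAT), a single-domain forest named ad.markonsolutions.com, and a hypothetical OU path; `-WhatIf` keeps the user changes a dry run until removed.

```powershell
# Added example, not from the original answer.
Import-Module ActiveDirectory

$NewSuffix  = 'markonsolutions.com'   # e-mail domain from the question
# Hypothetical OU holding the user accounts; adjust to the real directory.
$SearchBase = 'OU=Staff,DC=ad,DC=markonsolutions,DC=com'

# 1. Register the alternative UPN suffix on the forest if it is missing.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $NewSuffix }
}

# 2. Point each user's UPN at the new suffix.
Get-ADUser -SearchBase $SearchBase -Filter * -Properties UserPrincipalName |
    ForEach-Object {
        $user   = $_
        $newUpn = '{0}@{1}' -f $user.SamAccountName, $NewSuffix

        # Already correct: nothing to do for this account.
        if ($user.UserPrincipalName -eq $newUpn) { return }

        # A UPN must be unique. In a single-domain forest (assumed here)
        # a plain domain query is enough to find a collision.
        $clash = Get-ADUser -Filter "UserPrincipalName -eq '$newUpn'"
        if ($clash) {
            Write-Warning "Skipping $($user.SamAccountName): $newUpn is already in use"
            return
        }

        # Dry run; remove -WhatIf once the output has been reviewed.
        Set-ADUser -Identity $user -UserPrincipalName $newUpn -WhatIf
    }

# 3. Review the result: list each account with its logon names.
Get-ADUser -SearchBase $SearchBase -Filter * |
    Select-Object SamAccountName, UserPrincipalName
```

The down-level logon (AD\jdoe) is unaffected by this change; only the UPN logon name changes.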