Coming into a new organization with an AD environment that was more or less experimental. We're ready to go all in, but I don't like that the domain was set up with a ".local" suffix, due to the issues OS X clients can have (not the point of this question).

Is adding a domain suffix of ".com" a legitimate resolution that should be problem-free when joining all of our devices to the domain for the foreseeable future? Or should we basically nuke it and create an entirely new forest?

There are a good handful of servers (mostly Linux and Veeam) using the .local domain already, so I don't want to have to deal with a hard break if avoidable.

  • See [Windows Active Directory naming best practices?](http://serverfault.com/q/76715/126632) and [How Domain Rename Works](https://technet.microsoft.com/en-us/library/Cc738208%28v=WS.10%29.aspx). You should not use .local, but OS X is only a minor reason. And you certainly should not use .local.com, because you don't own it. – Michael Hampton Jul 28 '15 at 03:25
  • Thanks for the references - good reads. I'll have to look for more that reference other reasons that .local is bad beyond OS X. I'm thinking more and more that we need to either stand up a parallel forest until we can move everything over or do the hard break and schedule some weekend hours... – willWorkForCookies Jul 28 '15 at 03:49
  • Adding a UPN suffix will give the users an additional UPN suffix to log in with but it does nothing to change the fact that the AD domain is .local. – joeqwerty Jul 28 '15 at 06:21

0 Answers