General discussion

Locked

New Domain Name

By smurphy@completeitsolutio ·
I'm setting up a new company domain. I've registered a domain name online (let's say mycompany.com). I have a web site online (let's say www.mycompany.com) that is currently hosted for us. I have several other web sites (let's say www.employeesonly.mycompany com, www.webmail.mycompany.com, etc.) that I host myself on our internal servers. We're setting up a new corporate office, new servers, new everything. I have the opportunity to set this up right. I've heard that it's best NOT to name your windows domain the same as your public domian (so not mycompany.com). Is this true? What are the standard naming conventions for a windows domain? Any tips for doing this right would be helpful.
Thanks,
Sean

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to New Domain Name

well public domain names are .com/org/net/biz/info/ blah blah blah. naming your internal network to a non public domain name e.g. .local/.network/.ours/.theirs/ blah blah makes getting in and access through joining the domain a little harder to do. When using the \domain\user to join a domain if the domain is public then its easy to know the domain name to use. Just look it up in Who Is. Then its a matter of getting a user name and password. If the domain is non public the \domain is harder to figure out because it could be anything like domain.theirs or domain.ours or domain.local or whatever. You can't join the domain.theirs domain using the domain.com/org/biz etc available publically using \domain\user.

Collapse -

by smurphy@completeitsolutio In reply to New Domain Name

I guess I was wondering if I should use mycompany.com, or mycompany.local. I'm confused about which to use when. While my web site is mycompany.com, this will also be the box where my users log in and authenticate. I've heard that using a domain named the same as your public domain can cause problems, but I'm not sure of specifics.

Collapse -

by BFilmFan In reply to New Domain Name

Unless you are hosting web servers in your internal AD network (BAD BAD IDEA), you should always use XYZwhatever.local on internal networks for just the reasons CG mentioned.

In your externally facing servers, you can use your public registration name by placign them in an external domain which trusts your domain, but you do not trust it.

Collapse -

by smurphy@completeitsolutio In reply to New Domain Name

Ok, so if I name this new domain mycompany.local and DO NOT put my public web sites and IIS on the domain controller (they are not now, nor was I indending to), and have IIS and all my web sites on another server (they are now), do I need to make that web server box a domain controller but name it mycompany.com? So that box would not be a part of the domain?

Collapse -

by Monice In reply to New Domain Name

It doesn't matter what you name your internal domain. You can still host your website company.com and all the others. You could host them on your domain controller but I would not advise that. I personally would make the webserver a standalone and put it on a dmz.

Collapse -

by CG IT In reply to New Domain Name

correct. You have your web server off somewhere away from your network. If you can afford it on a seperate line with a seperate IP address. Never have a web server on your Active Directory network. As Bfilm says bad bad bad.

However! there is one way to have your web server on your network and have it secure. That is with Microsoft's ISA Server 2000/2004. ISA Server at the perimeter acts as a proxy or go between. The requesting computer never actually connects with the web server. ISA gets the web page from the web server for the requesting computer and send it to them. Barring setting up ISA server, as the other posters said , put the web server on a seperate subnet preferably on its own line.

Collapse -

by CG IT In reply to

no you don't make the Web server a DC. Theres no point in it. Its a web server not a domain controller.

Collapse -

by CG IT In reply to

the web server isn't part of a domain and doesn't need to be. You need DNS to resolve your public IP address to a name and you need somewhat to point public users web requests http [port 80] or https [port 443] to the web servers ip address [a router with port fowarding works well but thats it.

Collapse -

by kvvsureshkumar In reply to New Domain Name
Back to Networks Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums