Choosing local versus public domain name for Active Directory
Posted by DSO on Server Fault
Published on 2009-10-03T19:17:30Z
Indexed on 2012/06/17 9:18 UTC
active-directory
What are the pros and cons of choosing a local domain name such as mycompany.local versus a publicly registered domain name such as mycompany.com (assuming that your org has registered the public name)? When would you choose one over the other?
UPDATE
Thanks to Zoredache and Jay for pointing me to this question, which had the most useful responses. That also led me to find this Microsoft TechNet article, which states:
It is best to use DNS names that are registered with an Internet authority in the Active Directory namespace. Only registered names are guaranteed to be globally unique. If another organization later registers the same DNS domain name, or if your organization merges with, acquires, or is acquired by other company that uses the same DNS names, then the two infrastructures cannot interact with one another.
Note: Using single label names or unregistered suffixes, such as .local, is not recommended.
Combining this with mrdenny's advice, I think the right approach is to use either:
- Registered domain name that will never be used publicly (e.g. mycompany.org, mycompany.info, etc).
- Subdomain of an existing public domain name which will never be used publicly (e.g. corp.mycompany.com).
The "never used publicly" part is a business decision, so it's probably best to get sign-off from those in the company authorized to reserve domain names and subdomains. E.g. you don't want to use a registered name or subdomain that the marketing dept later wants to use for some public marketing campaign.