Choosing local versus public domain name for Active Directory

Posted by DSO on Server Fault
Published on 2009-10-03T19:17:30Z Indexed on 2012/06/17 9:18 UTC

What are the pros and cons of choosing a local domain name such as mycompany.local versus a publicly registered domain name such as mycompany.com (assuming that your org has registered the public name)? When would you choose one over the other?

UPDATE

Thanks to Zoredache and Jay for pointing me to this question, which had the most useful responses. That also led me to find this Microsoft TechNet article, which states:

It is best to use DNS names that are registered with an Internet authority in the Active Directory namespace. Only registered names are guaranteed to be globally unique. If another organization later registers the same DNS domain name, or if your organization merges with, acquires, or is acquired by other company that uses the same DNS names, then the two infrastructures cannot interact with one another.

Note

Using single label names or unregistered suffixes, such as .local, is not recommended.

Combining this with mrdenny's advice, I think the right approach is to use either:

  1. Registered domain name that will never be used publicly (e.g. mycompany.org, mycompany.info, etc).
  2. Subdomain of an existing public domain name which will never be used publicly (e.g. corp.mycompany.com).

The "never used publicly" part is a business decision, so it's probably best to get sign-off from those in the company authorized to reserve domain names and subdomains. E.g. you don't want to use a registered name or subdomain that the marketing dept later wants to use for some public marketing campaign.
