- AD domain name = Net domain name
- Posted by gpharr on January 5th, 2004
We first set up a web presence about the time when Windows
2000 Server came out. Without knowing any better, we
named our AD domain the same thing as our internet domain
name [e.g. AD name is domain.com ; web address is
http://www.domain.com]. That seemed to be what the wizard
in W2K Server suggested!? Now I am hearing that this is a
security issue and am wondering [1] is it really a
security issue now that we have upgraded all servers to
W2K3 Server and [2] if it is, how do I fix it? We have 2
DCs running W2K3. One of them also runs Exchange 2003.
We also host our own website on a member server also
running W2K3. Our workstations [13] run either W2K Pro or
XP Pro.
Any advice is greatly appreciated!
- Posted by Chriss3 on January 5th, 2004
I will try to answer your questions.
1. The security issue is if you use the same internal DNS server as external.
The security issue is if you publish the Active Directory-integrated DNS
zone to the internet.
If you have an internal DNS server for your network and one external DNS
server for your web hosting, the name doesn't make sense.
2. I recommend having one external and one internal DNS, or letting an ISP
serve the external DNS.
--
Regards,
Christoffer Andersson
No email replies please - reply in the newsgroup
"gpharr" <gpharr@austin.rr.com> wrote in message
news:035501c3d33f$b57797e0$a501280a@phx.gbl...
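Added example, not part of the thread: a small Python audit of the records an external DNS server would answer with, flagging the Active Directory locator records and internal addresses that leak when the AD-integrated zone is published to the internet. The zone text is a simplified one-record-per-line format with explicit TTL and class, and all record names and addresses below are constructed samples.

```python
import ipaddress

# Labels Active Directory registers in its DNS zone (DC locator records and
# application partitions). None of them belong in an internet-facing zone.
AD_LABELS = {"_msdcs", "_ldap", "_kerberos", "_kpasswd", "_gc",
             "domaindnszones", "forestdnszones"}
# RFC 1918 ranges, listed explicitly (ipaddress.is_private also matches
# documentation ranges such as 203.0.113.0/24, which would skew the sample).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_external_zone(zone_text):
    """Return (owner, rtype, reason) for records that expose AD internals."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        if len(fields) < 5:
            continue                              # blank or incomplete line
        owner, rtype, rdata = fields[0], fields[3].upper(), fields[4:]
        labels = {label.lower() for label in owner.rstrip(".").split(".")}
        if labels & AD_LABELS:
            findings.append((owner, rtype, "AD locator record"))
        elif rtype == "A" and any(
                ipaddress.ip_address(rdata[0]) in net for net in RFC1918):
            findings.append((owner, rtype, "internal address"))
    return findings

# Constructed sample: external zone holding only the public records.
SPLIT_ZONE = """
domain.com.      3600 IN MX 10 mail.domain.com.
www.domain.com.  3600 IN A  203.0.113.10
mail.domain.com. 3600 IN A  203.0.113.11
"""

# Constructed sample: the AD-integrated zone served to the internet as-is.
PUBLISHED_AD_ZONE = """
www.domain.com.                  3600 IN A   203.0.113.10
dc1.domain.com.                  3600 IN A   10.0.0.5
_ldap._tcp.dc._msdcs.domain.com. 600  IN SRV 0 100 389 dc1.domain.com.
_kerberos._tcp.domain.com.       600  IN SRV 0 100 88  dc1.domain.com.
"""

if __name__ == "__main__":
    for owner, rtype, reason in audit_external_zone(PUBLISHED_AD_ZONE):
        print(f"{owner:34} {rtype:4} {reason}")
```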
- Posted by garyp on January 6th, 2004
I have 2 internal DNS servers that are AD integrated but
do NOT publish externally. Our router/firewall device
uses the ISP DNS servers to look up web addresses. Our
ISP DNS server points to our external public IP [our
router] and the router forwards all packets on port 80 to
the web server only. Our internal DNS server uses an
Alias (CNAME) record to point to the webserver also. We
do this because we host 2 sites on one server.
Good or bad setup??? TIA.
- Posted by Chriss3 on January 6th, 2004
Good setup. That is a recommended solution of the best practices.
--
Regards,
Christoffer Andersson
No email replies please - reply in the newsgroup
http://www.itsystem.se/employers.asp?ID=1
"garyp" <gpharr@austin.rr.com> wrote in message
news:085001c3d457$7c395040$a501280a@phx.gbl...
- Posted by garyp on January 7th, 2004
Thank you so much for your feedback. I feel better now 
Gary