Re: Internal vs External Domains

From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 04/29/04 

Date: Wed, 28 Apr 2004 22:57:49 -0400

In news:ZNHjc.8052$6L3.1037@fed1read05,
XXXXXXXXXXX <XXXXXX@lvcm.com> posted their thoughts, then I offered mine
> Hi Everyone:
>
> I am planning an Windows 2003 Active Directory domain for a client
> company. The external domain name, for example, MYDOMAIN.com is
> registered and has an active website on the Internet. The internal
> domain name under AD is inside.MYDOMAIN.com.
>
> Also, Exchange 2000 server is on the internal network to process mail
> on user accounts such as user@MYDOMAIN.com and
> user@inside.MYDOMAIN.com who is the same end user.
>
> 1) Is this separations sufficient to maintain security between the
> external vs. internal domains? (Assume hardware firewalls are in
> place etc.)
>
> 2) Would AD see inside.MYDOMAIN.com as the root domain or
> would it be seen as some kind of child domain?
>
> 3) What other domain issues should I be concerned about?
>
> 4) What other Exchange issues should I be concerned about?
>
> Thanks for any input and help.
>
> Oren

This has been discussed extensively in these newsgroups. Honestly, to
summarize, create a different 1st level name for your domain, but use the
same second level name, eg, external is domain.com, the internal would be
domain.net or domain.local or domain.corp. It eliminates alot of security
issues and is less confusing for users and it will reduce administrative
overhead.

As for Exchange, Exchange will host any domain name, whether it's the same
as the AD name or not. I'm hosting 25 domain names (for clients) on my
Exchange server.

:-) 

-- 
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. -- 
=================================

Relevant Pages

  • Re: Cannot login to retrieve internet mail
    ... You are correct in that when I connect with one of these accounts (that do ... not work) from an outlook client I am attemting to receive mail. ... > POP client - only the Exchange server for POP, ... > Internet - this is entirely different. ...
    (microsoft.public.exchange.admin)
  • Re: Client refusing incoming smtp messages
    ... Then don't mention the client & SMTP server. ... Is moxa.com your registered Internet domain? ... exchange server or anything else at that matter. ...
    (microsoft.public.exchange.clients)
  • Re: Certain rules not working
    ... Internet Message Format ... Exchange - System-Manager ... I had failed to allow message forwarding on the server side. ... A client is having issues with setting server-based rules onto Exchange 2003 ...
    (microsoft.public.windows.server.sbs)
  • Re: change domain name advice?
    ... Internet domain name. ... I have an ongoing issue where the Outlook client can send to another ... choose which Inbox to forward to, the POP or the Exchange. ... The Entourage user must drag the appt. ...
    (microsoft.public.exchange.admin)
  • Re: Log into exchange via IP??
    ... If you can send to/receive from the Internet then your mail to that user not AD should be delivered just fine. ... We have an exchange server in our office which is also our domain ... We have a remote user that is NOT in active directory and therefore any ... Free SQL database Firebird - full support for transaction control, triggers, stored procedures, partial SQL-99 compliance ...
    (microsoft.public.exchange.admin)