Re: Use .local or .com in SBS2003 setup? - HELP!

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Aaron Boone (anonymous_at_discussions.microsoft.com)
Date: 04/24/04 

Date: Sat, 24 Apr 2004 07:36:04 -0700

I think the main reason to name it .local is security. If
you name your domain something.com, your DNS server will
forward the DNS records of your LAN out to the internet
and they will be cached by other DNS servers. This leaves
the possiblity for some hack to know everything about
your LAN without much effort. If you name in
something.local, the records will still forward out but
they will be droppped because the DNS servers don't
understand .local

Correct me if I am wrong.

A.Boone

>-----Original Message-----
>By the way-> If you plan to have Macs in you lan... name
your AD domain
>..lan, .office or .somethingelse. There is an issue
with .local and Macs.
>
>--
>Javier [SBS MVP]
>
><< SBS ROCKS !!! >>
>
>"Javier Gomez [SBS MVP]"
<javier_gomez@remove.this.engineer.com> wrote in
>message news:ON84dOWKEHA.808@tk2msftngp13.phx.gbl...
>> SBS or plain-vanilla Win2k/2k3 you shouldn't use the
real domain name for
>> your AD domain name. There is no good reason to
use .com, and many reasons
>> why you shouldn't.
>>
>> Check this out:
>> http://imho.dyndns.org/addns.htm
>>
>> --
>> Javier [SBS MVP]
>>
>> << SBS ROCKS !!! >>
>>
>> "John" <jsirakis@hotmail.com> wrote in message
>> news:368c01c42961$07595cc0$a401280a@phx.gbl...
>>> Now I'm really confused by Microsoft.
>>>
>>> I have setup both Windows 2000 & Windows 2003 servers,
>>> and used our registered domain on the net during the
Active
>>> Directory setup. So the domain used in all
installations is
>>> domain.com.
>>>
>>> However, when testing an SBS 2003 installation, the
>>> installer recommends using a domain.local record for
the
>>> installation. Can anyone give any reasons to do that?
Why
>>> do the standard versions of 2003 server suggest using
the
>>> publicly registered domain?
>>>
>>> Thanks,
>>> John
>>
>>
>
>
>.
>

Relevant Pages

  • Re: Slow Logon Seen on Non-Member Clients
    ... I can see no reason why XP would be ... essentially the XP clients having difficulty. ... >Ensure that you are pointing to the AD DNS servers. ... >DNS servers) are experiencing very slow logons of up to 5-6 minutes. ...
    (microsoft.public.win2000.active_directory)
  • Re: DNS: Question about setting abc.com record
    ... The reason I have set all of my DNS zones for the above record ... for all of my DNS servers is because if had I set this record for the ... localhost, the localhost would receive the email I sent. ... If not you do not need the 'A' record just after the Hosts line. ...
    (Fedora)
  • Re: COPY / FTP and error message
    ... Is there a reason why your system managers refuse to give a name to that ... IP address either in their DNS servers of in your local host's hosts ... officially available yet for your version of UCX/VMS? ...
    (comp.os.vms)
  • Re: recursive DNS servers DDoS as a growing DDoS problem
    ... While you're on the subject of the potentials of DOSing using DNS servers, I noticed several months ago some possible abuses myself, although I soon lost interest for some reason or another. ...
    (Bugtraq)
  • Re: When I use DialUp and LAN at same time, I cannot access LAN.
    ... >>network is CHECKED. ... PING doesnt work as DNS servers are inaccessible. ... > Your computer's LAN IP address is in the 10.91.194.x subnet. ... > overrides the LAN default gateway, preventing access to the LAN's DNS ...
    (microsoft.public.windowsxp.network_web)