Re: How is .local Used?



Thank you again. I see your point about the articles you mention. With my
newfound and very limited knowledge of this area I now do not see the benefit
of a sub-domain of the FQDN either. Speaking for myself, I know I do not
have a good understanding of the relationship between the AD and FQDN
namespace definitions and the implications associated with their setup. I
would have made some different choices with more knowledge. I need to spend
some time understanding the DNS namespace topic as I believe it would help to
resolve some issues I've experienced without realizing the cause. One last
question, with respect to email handling in an environment where the AD
namespace is distinct from the FQDN. Is it correct that users would only
need to have their FQDN email SMTP addresses defined in email setup (meaning
they would not need for example, user1@xxxxxxxxxxxx and user1@FQDN defined in
AD)? When emails are sent internally, I presume they are handled by the AD
DNS for internal delivery using the .local namespace. Emails sent externally
would first be checked against the AD namespace, then forwarded to the ISP
nameservers?

For inbound emails, how does the "handoff" occur from the external name
servers to the internal AD name resolution? I realize there is an MX record
pointing to the mail server, my question pertains to what happens once it
gets in house - how does the external namespace "handoff" to the internal?

I really appreciate your time and the clarity of your responses.

Thank you,

Diane

"SuperGumby [SBS MVP]" wrote:

> There's a lot of people out there who disagree with me and many pages of
> conflicting advice.
>
> I actually disagree with
> http://support.microsoft.com/default.aspx?scid=kb;en-us;296250
> The Domain Name System name recommendations for Small Business Server 2000
> and Windows Small Business Server 2003
>
> and
> http://support.microsoft.com/kb/254680/
> DNS Namespace Planning
>
> because they suggest that a subdomain of your public FQDN is a valid choice.
>
> I am yet to hear a good reason why your internal namespace in any AD should
> be related in any way to your public FQDN. In my mind most people approach
> the problem from the wrong end, assuming 'Yep, I've got this name, I should
> use it' rather than 'HMM, I need a private namespace, what will I choose?'.
> Many may do it because they don't know that when choosing an internal
> namespace they can still support a separate external namespace.
>
> Your ISP's DNS server question is simple. All members of an AD (DCs, member
> servers, workstations) should look to an (or multiple) AD integrated DNS
> server for name resolution, and only such AD integrated DNS servers. The AD
> integrated DNS server(s) should be configured to use your ISP's name servers
> as forwarders. If (for whatever reason) there is a problem using forwarders
> the AD integrated DNS can use root hints to satisfy queries external to the
> domain.
>
> "Diane" <Diane@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:39C7DB1C-4EE6-4947-A565-E06D0D506952@xxxxxxxxxxxxxxxx
> > Thanks to you and Javier. Huge clarification for me and lots more to learn.
> > Not sure quite how to ask this question. With reference to your statement
> > "AD uses DNS as its primary name resolution mechanism" is it true that the
> > AD/DC construct alone takes care of name resolution? Generally. I've seen
> > DNS set up referencing the ISP name servers - the TCP/IP setup DNS entries.
> > Are there specific DNS entries needed solely for AD "internal" name
> > resolution? Can you suggest where I can find more information on this
> > topic? I can see we've got some setup issue to work.
> >
> > Thanks again,
> >
> > "SuperGumby [SBS MVP]" wrote:
> >
> >> just a bit more to add to Javier's comments.
> >>
> >> REINFORCEMENT: This is NOT an 'SBS' issue, this is pure AD. No AD should be
> >> named after your internet FQDN.
> >>
> >> AD uses DNS as its primary name resolution mechanism, as such the DNS AD
> >> name is designed purely to satisfy name queries inside the AD. Why would you
> >> wish to confuse the issue by using the same name as your internet FQDN? When
> >> creating the AD DNS the first DC implemented (in our case normally SBS) is
> >> created as SOA for the AD DNS domain, in most cases this is not the case and
> >> the organisation is unlikely to implement recommendations for primary name
> >> servers (physically diverse, independently connected, publicly available DNS
> >> partners). In most cases the primary name servers for the FQDN are provided
> >> by the FQDN zone hosts (your web hosting service or ISP).
> >>
> >> In cases where you wish to actually be the host of your internet FQDN zone
> >> (which I reckon is a d*&n fool idea) your AD DCs are probably not the best
> >> choice of host.
> >>
> >> "Diane" <Diane@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >> news:ACDB9614-3099-421D-8170-1AA91913AB85@xxxxxxxxxxxxxxxx
> >> > I realize this is a really basic question, but could someone explain or
> >> > point me to a resource that describes the .local construct in SBS 2003? I
> >> > have searched for information on its purpose but haven't been able to find
> >> > anything useful. I realize it pertains to local addressing, but am not sure
> >> > where or how it comes into play when a company also has a domain name. I had
> >> > an issue where a user was not receiving internal mail. I realized they did
> >> > not have a .local address and once added, local mail worked fine. I have
> >> > worked with exchange 2000 (not sbs) where this is not a factor.
> >> >
> >> > Thanks very much,
> >>
> >>
> >>
>
>
>