Re: Internal vs. External Domain Names

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/28/04 

Date: Wed, 28 Apr 2004 17:50:33 GMT

There are a couple of ways to go. Whatever AD domain you create will be the root
domain for the forest. You might want to consider a "split brains" dns configuration
and name the internals domain the same as the external. To do that you can keep the
internet/intranet separate with your firewall but then you need to put a static
address in the internal AD dns zone for your internet web site so that internal users
can access the external website and whoever hosts your dns zone for the internet may
need to add MX records for Exchange Server. I am not all that familiar with the
Exchange configuration, but if you post in the win2000.dns newgroup, they can give
you lots of input on your options. The link below discusses split brains dns. ---
Steve

http://www.microsoft.com/serviceproviders/whitepapers/split_dns.asp

"XXXXXXXXXXX" <XXXXXX@lvcm.com> wrote in message
news:g5Pjc.9097$6L3.2097@fed1read05...
> Hi Everyone:
>
> I am planning an Windows 2003 Active Directory domain for a client company.
> The external domain name, for example, MYDOMAIN.com is registered and has an
> active website on the Internet. The web server is hosted externally by a
> third party outside the client's LAN. The internal domain name under AD is
> inside.MYDOMAIN.com.
>
> Also, Exchange 2000 server is on the internal network to process mail on
> user accounts such as user@MYDOMAIN.com and user@inside.MYDOMAIN.com who is
> the same end user.
>
> 1) Is this separations sufficient to maintain security between the
> external vs. internal domains? (Assume hardware firewalls are in place
> etc.)
>
> 2) Would AD see inside.MYDOMAIN.com as the root domain or would it
> be seen as some kind of child domain?
>
> 3) What other domain issues should I be concerned about?
>
> 4) What other Exchange issues should I be concerned about?
>
> Thanks for any input and help.
>
> Oren
>
>
>

Relevant Pages

  • RE: Active Sync & OWA probelms
    ... Do you installed ISA server on your ... You have enabled Require SSL on the /Exchange virtual directory. ... In the right pane, click "Connect to the Internet", and then click ... forms-based authentication is required for Exchange Server 2003 ...
    (microsoft.public.windows.server.sbs)
  • RE: Cant send or receive e-mail to POP3 users on same domain--HELP!
    ... Run the CEICW and go through the Internet and firewall option. ... If you choose to forward emails to the ISP's email server (smart ... Connector for POP3 Mailboxes' option, ... The Mailbox type is User Mailbox, and select the appropriate Exchange ...
    (microsoft.public.windows.server.sbs)
  • RE: Catchall not working, EXTERNALLY?
    ... When I open the connection (over internet) to my exchange account, ... the data is stored on the Exchange server side. ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: publications concerning port forwarding
    ... a postfix server in the DMZ and a MS Exchange ... services from the internet. ... The "OWA front-end in the DMZ using IPSec," comments were not on topic per ...
    (Pen-Test)
  • Re: Exchange not receiving email from Internet
    ... Recieved email for that domain from internet. ... I understand that your exchange unable to ... permission to send to this recipient". ... The Exchange server Directory Access tab error may not related to ...
    (microsoft.public.windows.server.sbs)