Monday, April 21, 2008

Found a new domain-naming wrinkle

Several of my clients in the past had not followed Microsoft's domain naming recommendations and made their internal domain name match their external domain name. This always caused problems connecting from the outside, screwing up routing, and other irritations, but I've actually found something that is worse - incredibly worse, actually - the Single Label Domain (SLD).

In a single label domain, instead of domain.local or something.domain.com, you actually make your domain without a dot-anything, like INT or LOCAL. This makes your internal domain names kind of simple (server.int, web.int, or whatever), but you'd be amazed at how much breaks when you do this:

  • Live Communicator breaks

  • Kerberos authentication between Active Directory and any other Kerberos-based service breaks

  • Windows authentication to an SQL server breaks

  • Domain trusts become extremely difficult

  • Groove Server Active Directory Integration breaks

Trust me on this one, you never want to do a single label domain. And, guess what we have at my new company....
