I've long been a fan of site-specific DNS domains (e.g. <site>.company.com). With AD, having a separate domain means an extra pair (for redundancy) of DCs, which seems excessive (in cost and complexity) in small environments.

As a result, in my previous company we had a single AD domain but two DNS domains. This worked out pretty well, but it also meant including the site name in the Windows server names (e.g. <site>name), which gives a redundant FQDN: <site>name.<site>.company.com. (The reason for this is that, obviously, you can only have a single AD computer called "name" within a domain. [Yes, technically you can have one per OU, but in practice the NetBIOS/pre-2000 name prevents this from being practical.])

The answer then seems to be to give up site awareness in the DNS domain, which may not be such a big deal with Windows (given that AD has subnet-based site awareness) but still seems wrong to me.

So, what do you do?

Also, if you have multiple AD domains,

  • where do you put your user accounts?
  • where do you locate your company.com DCs?
  • what else should I be thinking about?
Toto
  • Sorry, I'm confused by your question. What do you want the end result to be, and for what purpose? – Izzy Jul 02 '09 at 18:45

2 Answers

We have a single AD domain which spans our two sites. Machines have a two-letter site code in the name to show which site they belong to. Then we use Sites and Services to handle setting up the different sites via subnet.

mrdenny
  • That is exactly how we do it across 15+ sites worldwide. – Izzy Jul 02 '09 at 18:46
  • Izzy- can you elaborate a bit? How big is the company and how big are the sites themselves? – Toto Jul 02 '09 at 18:48
  • Company is approx 10,000 users, at approx 15 sites (always changing) across 4 continents. Sites vary from 5 users, to 1000+ users. – Izzy Jul 02 '09 at 19:13
  • How do you handle the moving of a complete team from one site to the other? Do you rebuild every computer? – Benoit Jul 04 '09 at 08:18
  • If a team were to move from one site to another, then the machines would all be renamed so that they reflect the name of the site they are in. A rebuild probably wouldn't happen, just a machine rename, so that people wouldn't have to worry about losing their data which is on local disk. – mrdenny Jul 06 '09 at 22:16

My motto has always been ... don't put intelligence in machine names. People will pester you forever with their requirements; they will want site, serial#, vendor, business unit, laptop/desktop, userid, etc. Over the years, things change, and you are either renaming for weirdo reasons or falling out of sync.

We run a generic name with a number in it, and use another place to store metadata on the machine, with anything you want.

JamesR