DNS and DNS Namespace Planning

Windows 2000 has adopted the DNS naming convention for naming objects in Active Directory. Each DNS name in the DNS databases is derived from a root name, forming a hierarchical structure. A host's DNS name identifies its position in the hierarchy, which is the same naming structure that has been implemented in Active Directory. The naming scheme is simple and logical for administrative purposes but also descriptive of the object's location in the hierarchy. The domains in an Active Directory structure are identified by the names they have been assigned, and their domain names identify their positions in the Active Directory hierarchy. When you're choosing a DNS name for an organization, it is once again important to assess its structure, needs, and future plans.

If you establish the forest root domain and then determine that it requires a new domain name, Active Directory must be reinstalled and a new forest created. Avoid this by carefully choosing an appropriate forest root name.

The DNS naming standards are now applicable to the objects stored in Active Directory to ensure that all names remain unique. By implementing this type of naming scheme, the names users utilize on their intranets are also compatible and ready for use on the Internet. Users no longer need to remember two different names ”a logon name and an email name. For example, with Active Directory, a user can log on to the network with a name such as JohnD@xyz.corp and can use the same name as his email address.

The naming scheme implemented by Active Directory also adheres to the same naming requirements as DNS names so that all names in a hierarchy remain unique. When assigning DNS names, keep the following points in mind:

• A child domain can have only one parent domain. Looking at the example from the XYZ Corporation, xyz.corp is the parent domain of paris .xyz.corp . The Paris domain can have only one parent; it cannot be the child of both XYZ and ABC.

• If two children share the same parent domain, they must each be assigned unique names. Referring to Figure 2.5, LA and NJ are both child domains of abc.corp . To ensure uniqueness throughout the hierarchy, LA and NJ must be assigned unique domain names.

Contiguous and Disjoint Namespaces

In the Active Directory structure, there are basically two types of namespaces:

• Contiguous namespace

• Disjoint namespace

A contiguous namespace is one in which a child object has inherited a portion of its namespace from its parent object. Looking again at the namespace in the XYZ Corporation, xyz.corp and paris.xyz.corp form a domain tree, which is an example of a contiguous namespace. The Paris domain has inherited a portion of its namespace from the XYZ domain.

A disjoint namespace is one in which a child domain has a namespace that is independent from the parent root domain. In the XYZ Corporation, abc.corp is an example of a disjoint namespace because its namespace is independent from the forest root domain, xyz.corp .

Here's an easy way to differentiate between the two types of namespaces in a forest: A contiguous namespace forms a tree structure, whereas a disjoint namespace establishes a new tree in the forest.