After you define the domain hierarchy for your organization's forests, the next step is to name the domains. This lesson explains how to name domains, which includes assessing domain naming needs and choosing names for each domain in an organization.
After this lesson, you will be able to
- Identify the factors in an organization's environment that impact its domain names
- Recall the guidelines for naming domains
- Analyze an organization's environment to name its domains
Estimated lesson time: 15 minutes
Understanding Domain Names
In Windows 2000 and Active Directory, a domain name is a name given to a collection of networked computers that share a common directory. Recall that Active Directory uses the Domain Name System (DNS) as its domain naming and location service, which allows for interoperability with Internet technologies. Therefore, Windows 2000 domain names are also DNS names. When requesting logon to the network, Active Directory clients query their DNS servers to locate domain controllers.
In DNS, names are arranged in a hierarchy and can be partitioned according to the hierarchy. The hierarchy allows parent-child relationships where the name of the child domain is designated by the name of the parent domain preceded by a label. For example, uk.microsoft.com is a child domain of the microsoft.com domain; for the child name the "uk" label is placed before the name of the parent domain, "microsoft.com." Thus, a domain's name identifies its position in the hierarchy.
Design Step: Naming Domains
To name domains, you must complete the following tasks:
- Assess the organization's domain naming needs.
- Choose names for each domain in your organization.
Assessing Domain Naming Needs
To define domain names for your organization, you must first consult the following documents compiled earlier by your design team:
- Domain Hierarchy Diagram. Assess the position of domains in the hierarchy to determine the appropriate DNS names.
- DNS Environment Worksheet. Determine existing DNS names.
The Domain Hierarchy Diagram is discussed in the previous lesson. A blank copy of the worksheet is located on the Supplemental Course Materials CD-ROM (\chapt02\worksheets). A completed example of the worksheet is located in Chapter 2, "Introduction to Designing a Directory Services Infrastructure."
In addition to assessing the information compiled in these documents, it is imperative that you also assess changes currently planned for domain names and hierarchies to address growth, flexibility, and the ideal design specifications of the organization.
Choosing Domain Names
Because it is nearly impossible to change domain names, the names you select are very important. It's especially critical that you select the correct name for the forest root domain, which you cannot change and which is the basis for its child and grandchild domains. If you adhere to some basic guidelines, you should be able to determine domain names that meet the needs of your organization. The following are guidelines for naming domains:
- Use only the Internet standard characters. Internet standard characters are defined as: A-Z, a-z, 0-9, and the hyphen (-). Although Windows 2000 DNS supports the use of almost any Unicode character in a name, by using only Internet standard characters you ensure that your Active Directory domain names will be compatible with other versions of DNS.
- Differentiate between internal and external namespaces. Because most organizations have an Internet presence, you should use different names for the internal and external root domains to clearly delineate public resources from private resources and prevent unauthorized users from accessing resources on the internal network. For example, a company named Just Togs is represented on the Internet by the DNS name j-100times.com, so the organization should use another DNS name, such as corp.j-100times.com, to represent their Active Directory forest root domain name.
- Base the internal DNS name on the Internet DNS name. If you use an internal DNS name that is related to the Internet DNS name, it will be easier for users to understand the navigational structure. Consider using the Internet DNS name as a suffix for Active Directory domain names. For example, corp.j-100times.com is easily understandable as an extension to j-100times.com.
- Never use the same domain name twice. For example, Just Togs should not use the name j-100times.com for both its Internet and intranet root domains. If a j-100times.com client attempts to connect to either the Internet or the intranet j-100times.com site, the domain that answers first is the one to which the client is connected.
- Use only registered domain names. Register all second-level domain names, whether they are internal or external namespaces, with the InterNIC or other authorized naming authority. For example, Just Togs should register its second-level domain name, j-100times.com. The company does not need to register corp.j-100times.com because it is not a second-level domain name. Internal names that are second-level domain names should be registered to ensure access from outside the corporate firewall. You can find more information about registering domain names at http://internic.net/.
Be sure to register and receive verification for domain names before creating your Active Directory domain namespace. After you name your forest root domain you cannot change it, and it is difficult to change other domain names.
- Use short, distinct, meaningful names. Use domain names that are easy to use and are representative of your organization's identity.
- Use names that have been reviewed internationally. Review domain names to ensure that they are not derogatory or offensive in another language.
- Use names that will remain static. Use generic names rather than specific ones. For example, Just Togs might use hq.corp.j-100times.com for its Atlanta headquarters domain rather than atlanta.corp.j-100times.com to avoid the need for change if the headquarters is moved.
- Use the International Standards Organization (ISO) standards for names that include countries and U.S. states. The ISO defines two-letter country codes and U.S. state codes, as presented in ISO 3166. You can find more information about ISO 3166 at http://www.din.de/gremien/nas/nabd/iso3166ma/.
To name domains
- On the domain hierarchy diagram, assign a DNS name to the forest root domain for each forest in your organization.
- Assign DNS names to each tree root domain.
- Assign DNS names to each remaining subdomain. Name each child and grandchild domain according to its position in the hierarchy.
Design Step Example: Naming Domains
Figure 4.11 showed the domain hierarchy diagram for Pacific Musical Instruments. Because the organization already has an Internet presence using the DNS name pac-100times.com, the forest root domain will be named corp.pac-100times.com. Since there is only one tree, the tree root domain is the same as the forest root domain, named corp.pac-100times.com. The child subdomains are named after the regional offices using codes as defined by ISO 3166. The domain hierarchy diagram with domain names is shown in Figure 4.12.
Figure 4.12 Domain hierarchy diagram with domain names for Pacific Musical Instruments
In this lesson you learned how to name domains by assessing domain naming needs and choosing names for each domain in an organization. You learned how naming domains is very important because domain names cannot be changed easily and the forest root domain name cannot be changed at all. You also learned some guidelines for naming domains.