[Samba] Samba 4 DNS name Planing

James Cort james.cort at bediwin.co.uk
Wed Dec 4 02:46:42 MST 2013 

Pretty sure use of .local is deprecated in recent versions of Windows Server - ISTR it's something to do with some Windows client devices requiring a certificate signed by a recognised CA, and of course none of them will sign a certificate ending in .local.

Personally, I’d set up a subdomain of a registered domain - eg. ad.mydomain.com - and that’d be the AD domain. But I haven’t checked to see if that represents recommended practise so take it with all the salt you think it needs.


James.

-- 
Eckland-Cort Ltd T/A Bediwin Information Services
Registered in England and Wales, no. 02598654
Registered office:  3 Southleigh Road, Taunton, Somerset  TA1 2XZ

Our Managed Workstation service deals with antivirus, backup and updates for just £5.00/month!
http://www.bediwin.co.uk/services/managed-workstations

On 4 Dec 2013, at 08:29, L.P.H. van Belle <belle at bazuin.nl> wrote:

> 
> I suggest you always use .local if only internal use.. 
> 
> see RFC 6762, which has been approved and was officially published on February 20, 2013, 
> essentially reserves the use of .local as a pseudo-TLD for link-local hostnames 
> that can be resolved via the Multicast DNS name resolution protocol.
> 
> http://tools.ietf.org/html/rfc6762 
> 
> 
> Louis
> 
> 
>> -----Oorspronkelijk bericht-----
>> Van: abartlet at samba.org [mailto:samba-bounces at lists.samba.org] 
>> Namens Andrew Bartlett
>> Verzonden: woensdag 4 december 2013 9:15
>> Aan: Chan Min Wai
>> CC: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Samba 4 DNS name Planing
>> 
>> On Tue, 2013-12-03 at 18:48 +0800, Chan Min Wai wrote:
>>> Dear All,
>>> 
>>> Can help to advise if there are any name planing for dns?
>>> 
>>> e.g: I've a domain amtb-m.org
>>> 
>>> should my samba4 server be
>>> ad.amtb-m.org?
>>> 
>>> OR should I create another non-reachable internal domain
>>> e.g: ad.amtb-m.lan
>>> 
>>> For them?
>>> 
>>> What is the benefit on this or that?
>>> Any documentation about that?
>> 
>> Use a proper subdomain of your registered DNS domain for your new AD
>> domain.  Don't use .lan, .local, .corp as you have no idea 
>> what suffixes
>> ICANN might sell off next, use the domain you already own as the base. 
>> 
>> Andrew Bartlett
>> 
>> -- 
>> Andrew Bartlett                       http://samba.org/~abartlet/
>> Authentication Developer, Samba Team  http://samba.org
>> Samba Developer, Catalyst IT          
>> http://catalyst.net.nz/services/samba
>> 
>> 
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>> 
>> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list