Step 3: Assign Domain Names

  • Article

Published: February 25, 2008

 

The third step in Active Directory design is to assign names to each of the domains. There are two names to assign: the Domain Name System (DNS) name and the Network Basic Input/Output System (NetBIOS) name. Although Windows Server 2008 uses DNS for name resolution instead of the Windows Internet Name Service (WINS) NetBIOS name resolution method that is used in Microsoft Windows NT 4.0–based networks, most organizations still require WINS since there are applications that require it.

Task 1: Assign the NetBIOS Name

The NetBIOS naming activity does not lend itself to a list of specific options. However, there are considerations that need to be addressed when designing the namespace.

NetBIOS names are the names that users most often see when prompted for a domain name in Windows. Each domain requires a NetBIOS name to be assigned. The NetBIOS name must be unique on the network or name resolution conflicts will result.

The same NetBIOS name can be used in different corporations to represent the same entity; for example, the NetBIOS name CORP is often used as the name for the internal corporate network. In this case, if two companies merge and both have used the NetBIOS name CORP, there will be a conflict when the two networks are integrated.

Name resolution conflicts can be avoided by using a NetBIOS name that is more likely to be unique across corporations, such as CONTOSOCORP for a corporation named Contoso. Use a name that will be unique and independent of existing regional or organizational names within the corporation.

Task 2: Assign the DNS Name

Similar to NetBIOS naming, the DNS naming activity does not lend itself to a list of specific options. However, there are considerations that need to be addressed when designing the namespace.

As with NetBIOS, several rules apply to DNS naming. The “Additional Reading” section later in this section provides links to resources about these rules.

The DNS names of Active Directory domains include two parts: a host name and a network name. When concatenated, these names create a non-ambiguous name for a resource. The host name is the name of the Active Directory domain.

First, determine the network name. A best practice is to match the registered Internet domain name for the business. Doing so will ensure that the name is unique across the Internet and is not in conflict with other corporations’ external name ownerships; this reduces the risk of name conflicts during mergers and acquisitions.

Second, select the host name for the domain. The default naming scheme will make the NetBIOS name and DNS the same, such as the NetBIOS name CONTOSOCORP and the DNS name contosocorp.com. For ease of tracking DNS names and NetBIOS names within interfaces and when troubleshooting network-related or Active Directory–related issues, it is a good idea to keep these names the same. However, doing so is not required.

To ensure uniqueness among companies, don’t duplicate existing corporations’ registered Internet DNS domain names. It is a best practice to register all top-level domain names (also known as network names), which are being used, both internally and externally, with Internet Network Information Center (InterNIC) to ensure global DNS uniqueness of the name on the Internet.

Validating with the Business

In addition to evaluating the decision in this step against IT-related criteria, the effect of the decision on the business should also be validated. The following questions have been known to affect domain naming decisions:

  • We plan to use our current Internet domain name. Are there any groups or applications that require a different DNS namespace, perhaps for identity reasons? A separate domain would be required to support a different DNS name within the forest.
  • Are there any planned mergers or acquisitions? Changes in the corporate structure can affect the naming structure.

Decision Summary

Domain names should be kept simple and should be consistent with the Internet DNS namespace. Both the NetBIOS name and DNS name need to be considered for consistency, manageability, and complexity.

Once implemented, this decision is difficult to change because all computers, applications, and scripts would need to be updated to represent the new name. Also, users are exposed to the domain name at logon and when using domain-related applications. A change to the domain name would be confusing and disruptive.

Important!   Run through the decision process to determine the name of every domain in every forest and record the decision in the job aid in the appendix.

Additional Reading

“Naming conventions in Active Directory for computers, domains, sites, and OUs” at https://support.microsoft.com/kb/909264.

“Namespace planning for DNS” at https://www.microsoft.com/windows/windows2000/en/advanced/help/sag_DNS_imp_NamespacePlanning.htm.

This accelerator is part of a larger series of tools and guidance from Solution Accelerators.
Download

Get the IPD Active Directory Domain Services
Solution Accelerators Notifications

Sign up to learn about updates and new releases
Feedback

Send us your comments or suggestions