Tag Archives: FQDN

Exchange 2013 Initial Configuration Settings: How to configure virtual directories (Part 10)

In part 10 of this mini-series, I’ll look at how to configure the virtual directories used by Exchange 2013. We’ll need to configure these to match the FQDNs we request on our SSL certificate.

It’s assumed that split-brain DNS will be set up for the configuration to work. The essence of split-brain DNS is that your external domain name is also configured on your internal DNS servers, but the A records on the internal DNS servers point to the internal IP address of the server, whereas the A records on your external DNS servers point to the external IP address of your server. So whether a client is internal or external, the FQDN will always resolve to the correct IP address.

We’ll be configuring the following services:

  • Autodiscover
  • Exchange Admin Center (ecp)
  • Outlook Web App (owa)
  • Exchange Web Services (EWS)
  • Active Sync
  • Offline Address Book (OAB)
  • Outlook Anywhere

Exchange 2013 Initial Configuration Settings: How to change the FQDN on the Default Frontend receive connector (Part 9)

In part 9 of this mini-series, I’ll look at how to configure the Fully Qualified Domain Name (FQDN) of the Default Frontend receive connector in Exchange 2013.

Firstly, a warning: Don’t modify the FQDN value on the default Receive connector Default that’s automatically created on Mailbox servers. If you have multiple Mailbox servers in your Exchange organization and you change the FQDN value on the Default Receive connector, internal mail flow between Mailbox servers fails.

In a single Mailbox server environment, to change the Default Frontend receive connector FQDN, follow the steps below.

Active Directory Domain Naming Best Practices

It’s quite uncommon to get to set up a new company Active Directory infrastructure from scratch. Usually a customer has some kind of infrastructure in place already, which I then help manage, maintain and enhance.

However, recently I’ve been tasked with setting up a brand new company’s infrastructure, and one of my first tasks was to name the Active Directory domain.

There are a number of possible scenarios:

  • You could use a .local or other non-routable domain
  • You could use an external domain (split-brain DNS)
  • You could use a similar domain to your FQDN, e.g. .net instead of .com
  • You could use a sub domain of your FQDN

But which is best?

I guess that depends on your specific scenario.




Certainly, if SSL certificates are going to be involved at all (think Exchange), then non-routable domains are out due to recent changes.

http://www.networking4all.com/en/ssl+certificates/faq/change+san+issue/

https://www.digicert.com/internal-names.htm

After doing some research on the Internet, I found there is no definitive answer; however, I have found lots of articles relating to the best practices when naming an Active Directory domain. Rather than duplicate the work of others, I have provided links below to some of the most useful webpages I found:

http://blogs.msmvps.com/acefekay/2009/09/07/what-s-in-an-active-directory-dns-name-choosing-a-domain-name/

http://www.mdmarra.com/2012/11/why-you-shouldnt-use-local-in-your.html

https://technet.microsoft.com/en-us/library/bb727085.aspx

http://blog.varonis.com/active-directory-domain-naming-best-practices/

http://exchangeserverpro.com/ssl-requirements-for-exchange-when-certificate-authorities-wont-issue-certificate/

https://acbrownit.wordpress.com/2013/04/15/active-directory-domain-naming-in-the-modern-age/

(Incidentally, I went for a sub domain of the FQDN).
