05-23-2019 07:51 AM
05-23-2019 07:51 AM
We have a Active Directory forest and we are using Office 365 but our domain is not connected/synced. But now we need to move some of our users to a all new domain. So, as we are going to install a new forest, new DNS name... and then sync this forest to Office 365, it's a great moment to do it in the best possible way.
Our most important question is: split-dns or not? :)
We read Microsoft recommendation about not to use split-dns and for internal network use a subdomain of the public domain (https://social.technet.microsoft.com/wiki/contents/articles/34981.active-directory-best-practices-fo...)
What do you recommend to do? Is there an official recommendation about that?
05-23-2019 09:38 AM
Having no knowledge of your organization's structure and infrastructure, all we can do is repeat the general recommendations. Write down your specific requirements and concerns, then do some research, or hire a consultant to go over it with you.
How does this relate to O365 btw? :)
05-28-2019 12:58 AM
Now we are using a domain1.com for our enterprise. We are going to move some users and servers to a new domain (our enterprise is going to be separated in two). We use Office 365, but we have not sync with our internal Active Directory. In our desktops use internal AD account to login. And we put credentials when outlook connects to Office365. Same for Onedrive and another products.
So we will install a domain2.com, new Active Directory forest, create forest trust between domain1.com and domain2.com, migrate users...
As we can do it all from the beginning, we want to ask if it's better to use DNS split or use domain2.com to external connections and some like domain2.int for internal users.
05-28-2019 02:59 AM
I'm thinking more about this problem. I was forgetting a topic.
We have a domain domain1.com now but for email and for Office365 we have registered a domain newcompany.com
So on the one hand we have a domain1.com in the internal Active Directory that is used to log on to the computers.
The new domain would be called newcompany.com, with the Split DNS doubt.
But now we are in doubt: in Office 365 we have created users, with the domain newcompany.com
Would it be a possibility to install domain controllers on premises that synchronize and those Office 365 users?
05-28-2019 08:08 AM
Reading more about the internal DNS name to use, now we've registered newcompany.com at Office365.
If the recomendation is to put a subdomain as the internal forest, we can use internal.newdomain.com. We can deploy a new forest called internal.newdomain.com.
Is it a problem to sync with Office365 or it's better to use newdomain.com in the new forest?