How to name the AD domain?

I have a problem with naming the Active Directory domain of an internal server.

According to

https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#How_Should_I_Name_My_Domain.3F
https://technet.microsoft.com/en-us/library/cc726016(v=ws.10).aspx


https://social.technet.microsoft.com/wiki/contents/articles/34981.best-practices-for-internal-ad-domain-and-network-names.aspx

you have some options to name your AD domain:

  • The domain you use publicly (e.g. example.com)
    This is not recommended because you get big problems (as Trump would say) with DNS.
    But: apart from that it will work perfectly in NethServer.

  • The domain you use publicly with a non-existent TLD (e.g. example.local or example.internal, …)
    This was the recommended procedure years ago, but is not recommended anymore (see links above for details).
    Problem in NethServer: every user is assigned the (totally useless) E-Mail address “user@example.local”. And there is no way known to me to deactivate this.

  • A subdomain of the domain you use publicly. (e.g. ad.example.com)
    This is recommended by all publications I read.

But you get problems in NethServer:

  • The NetBIOS name (which is automatically assigned) will be “AD” and can’t be renamed (as far as I know).
  • Every user is assigned the (also totally useless, see above) E-Mail address "user@ad.example.com". And this can’t be deactivated.

So how to proceed?

Is there a chance to use the “mail” field of the AD user as the E-Mail address instead of the login with AD domain name as suffix? So option 2 and 3 may be considered?
And is there a chance to rename the NetBIOS domain in option 3?

If this can’t be done, I think I would go on with option 1 and try to go round the DNS problems…

3 Likes

This will be fixed soon! I’m working on it!

This will be possible in the near future, too!

Here there is a possible enhancement on the dnsmasq forwarding configuration, too!

BTW, great recap @uliversal!!

1 Like

Wow, @davidep, that’s great news! :blush:
I don’t want to hustle you, but can you give a rough timeline for this?

(And is there a way I can support you?)

A post was merged into an existing topic: E-Mail wrongly delivered to account given in “Accept unknown recipients”

Our roadmap is here:

https://github.com/orgs/NethServer/projects/1

1 Like

I would deactivate it by default or you should be able to choose it during the new user creation

I prefer this solution and I would work on DNS issues workarounds, I see that @davidep is already working on that though. Good to know :slight_smile:

1 Like

A package is ready to test it! You can install the RPM from nethserver-testing repository:

yum --enablerepo=nethserver-testing update nethserver-mail-server-1.10.8-1.5.g8683219.ns7.noarch

It allows you to safely (from the mail-server point of view) delete the primary domain record under the ‘Email > Domains’ page. See also

2 Likes