Ever wondered how to use the same domain name for both a normal website (say, one hosted on some cheap hosting account with loads of features and scripts) and yet have it work as an Active Directory Controller too?
Well, I did – and I’m sure at one point or another of your time messing with Windows 2003/2008 servers and stuff you probably thought something like: “Hey, what’s the difference between those $9.99/year domain names and my Active Directory domain? Can they work together?”
Eeks. I feel corny geeky writing this post already. Never in my life have I ever written a largely technical post publicly on a Google-able page exclusively meant for me (at least for the past 2 years, I think…). Yes, but I contribute a lot to forums and stuff, so… I do contribute!
Okay, okay, long story short – yes, it’s perfectly possible!
But as hardcore sysadmins, we always come across the question of “Why” it will work, and whether it will break anything if we do some quickfix which someone like Kelvin here suggested, and also who to blame if it doesn’t work, and whether Kelvin is liable should we breach some Service-Level Agreement (SLA) with our clients, blah blah.
This being my first technical post, my disclaimer is plain and simple:
Screw you. Do this at your own risk. Hah!
Here, let me introduce what we’re going to solve today. Given this scenario:
Say, I bought this domain, “kelvin.sg”, and I want to use it for my website/blog/place-of-rant hosted with my company (via cPanel), Zension – yet I wish to run my own Active Directory domain called “kelvin.sg” just so all the computers in my (personal) network can be named and accessed pretty “cool-ly” like, super-cool-server.kelvin.sg, or maybe mediaserver.kelvin.sg.
Traditional (deemed improper by Kelvin) Way of Solving this Problem:
Just call your new domain kelvin.local and get over it. kelvin.sg doesn’t really sound nice anyway.
Nah, Kelvin would never do it this way. Hahaha! Let’s move on…
Let’s throw a few more constraints/assumptions into the mix:
So, what do we do now? Here’s the simple, quick workaround…
Okay, now, when you try to use a computer at a remote site/network to join the “kelvin.sg” domain, it magically works!
The trick’s in the “_msdcs” NS record – and apparently, Google only gives little pieces of things which I had to put together to figure it out!