Single Label domain names

Greetz!
I would like clarification on Single Label Domain names in SP 2013 web applications.
When I set up my A record I can set the Name, FQDN and IP Address. If I leave Name blank it will use whatever is in the FQDN?When I enter the FQDN I should use something like "Company.Local" or "SP.Company.Local" and not "Company"
When I set up my root Web Application, I will use the FQDN that I gave in the A record and I will not leave the ":80" on the end of it.
My intention is to setup a single web application and run HNSCs off the default zone. I will use Windows Authentication with basic Kerberos. I'll have a root site collection but we won't be using it.
Am I thinking straight about avoiding the use of single label domain names?
Thanks!
Love them all...regardless. - Buddha

"Single Label Domain names" has specific meaning and that applies to Active Directory (SLDs are not supported by SharePoint).
You will want to use an FQDN as your Host-Named Site Collections will be present underneath the root domain (e.g. if you create a Web Application using "root.company.com", your sites will be "portal.company.com", "teams.company.com",
as a couple of examples). Your Web Application will be created without a host name (see PowerShell example here: https://technet.microsoft.com/en-us/library/cc424952.aspx#section2).
Your "root.company.com", in my example, with be a path-based Site Collection as the "Root" Site Collection, which is required for all SharePoint Web Apps. That is described here: https://technet.microsoft.com/en-us/library/cc424952.aspx#section2b.
They use the WFE URL, but I prefer using the FQDN.
Another advantage of using FQDNs + SSL is that you don't have two different URLs for internal and external access, thus SharePoint Alerts will always have the correct URL, etc.
Trevor Seward
Follow or contact me at...
&nbsp&nbsp
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Similar Messages

  • Single Label Domain - Corss Forest trust issue!

    Hello There
    We have a single label root domain ex: "abc" trying to establish the external trust with the other forest's root domain which is FQDN ex: xyz.com. The trust seems to be working fine from abc to xyz.com however the trust from xyz.com to abc is an
    issue.
    We are not able to resolve/ping domain abc from xyz.com DC. We are able to ping DCs in abc from xyz.com.
    On xyz.com DNS forwarder are pointing to abc DNS server and WINS has been configured to route to abc WINS. Everytime when I ping abc from xyz.com DC its pointing to some unknown IP.
    on the xyz.com DC tried setting up the registry key AllowSingleLabelDnsDomain, updated the LMHOSTS and host file with abc domain but still unable to resolve the single label domain. We could not suspect that its an issue with the network as we are able to
    ping abc domain DCs from xyz.com
    Thanks in advance.

    Hi,
    It’s not recommended to use LMHOSTS file. Instead, we can use conditional forwarders or secondary DNS zones for DNS resolution between the
    two forests. Besides, we need to open required ports for building inter-forest trust.
    Regarding how to configure name resolution between two forests, the following article can be referred to for more information.
    Trust relationship between Two external forest / Name Resolution
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/f0f384c5-f421-4592-88db-409c171b0567/trust-relationship-between-two-external-forest-name-resolution?forum=winserverDS
    Best regards,
    Frank Shen

  • Support for Single Labeled Domain

    Question - When will Microsoft stop supporting "Single Label Domains"?  Now with Windows Server 8 in the horizon, I would like to know if it will let you upgrade your current AD infrastructure if it is setup as a Single Label Domain.

    I'm sorry, but I truly don't know. The reason that I don't know, is I've never tested it or let an AD infrastructure remain as a single label name for this length of time. I've fixed a number of them in the distant past with renames. I'm not aware of anyone
    currently with a single label name until I saw this thread.
    From what I see, I don't really think so if it hasn't caused any issues up to this point.
    Besides, why do you want to bump the levels up? Is there something you are trying to introduce that requires the levels at 2008 R2? If it's DNS based, it may fail anyway due to the single label name, because the basis of the single label name is DNS *thinks*
    it's a TLD, such as "COM," "NET," etc. That's why it's problematic. DNS is hierarchal and requires a minimum of a two level domain name.
    So if you have a computer, called computer1, and your domain name is DOMAIN. Then the computer's FQDN is computer1.domain. But that looks like a domain name. Make sense?
    Anyway, I'm sure you've heard this and read that in my blog. I'm curious ... Will you be planning on renaming your domain?
    Ace Fekay
    MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services
    Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

  • Trusted Forest (Single Label Domain)

    We have a forest "Domain1.com with SCCM 2012 R2 installed. This forest has a Trusted relation with another forest "Domain2". "Domain2" is "Single Label Domain"
    1) Could I discover computers on "Domain2" Domain??
    2) Must I configure "Domain2" Domain as "Disjoint Namespace" ??
    3) Must I configure something on "Domain1.com" ?

    Hi,
    Please make sure the specified account has Read permission to Domain2.
     And here is a blog about discover computers in another trusted domain, although it is for SCCM 2007. Hope this could be helpful.
    SCCM | Discover Another Trusted Domain
    Best Regards,
    Joyce Li
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • Set up Migration Endpoint to single-label Domain/Forest

    I'm in the process of migrating a company from a single-label domain & forest, "domainname," to a new "newdomainname.local" domain & forest. EX2013 single-server installed and working on both domains, including autodiscover. Trust
    is set up and works, cross-domain DNS works from both sides. However...
    I can create a Migration Endpoint on ex2013.domainname that points to ex2013.newdomainname.local, but when I try to add a mailbox created in newdomainname.local, none are displayed.
    I can't create a Migration Endpoint at all on ex2013.newdomainname.local. I get a message that starts, "We couldn't detect your server settings. Please enter them. AutoDiscover failed with a configuration error: The migration service failed to detect
    the migration endpoint using the Autodiscover service."
    I'm prompted for the FQDN of the other Exchange server. When I enter ex2013.domainname, I get, "Error: The connection to the server 'ex2013.domainname' could not be completed."
    Is this expected when one server is on a single-label domain? Is there a way to enable me to use mailbox migration?
    TIA

    Thank you for your post.
    This is a quick note to let you know that we are performing research on this issue
    Niko Cheng
    TechNet Community Support

  • SCCM and Single Label Domains

    Hi,
    I have SCCM in DomainA.local. It's have trust to DomainB - it's the Single Label Domains.
    How can i add DomainB to SCCM and deploy client?
    Thanks.

    You can find the requirements for single label domains here:
    https://technet.microsoft.com/en-us/library/gg682077.aspx?f=255&MSPPError=-2147217396#BKMK_SupConfigSLD
    My Blog: http://www.petervanderwoude.nl/
    Follow me on twitter: pvanderwoude

  • I have two location one is Delhi(IP-192.168.100.*) and another is Mumbai(IP-192.168.1.*) and both are connected by MPLS line and ping with each other. We have one DC in Delhi location and domain name is CAPLDC and Delhi location all PC is member of this

    I have two location one is Delhi(IP-192.168.100.*) and another is Mumbai(IP-192.168.1.*) and both are connected by MPLS line and ping with each other.
    We have one DC in Delhi location and domain name is CAPLDC and Delhi location all PC is member of this domain and working properly.
    now i am trying join the Mumbai location PC with my Domain(CAPLDC) but they are not join with my DC and generate the error.
    I have chek the DNS and nslookup all are correct but this is generate error. 
     Is this possible Mumbai location join with this Domain(CAPLDC)???
    One more thing when i have created another DC with this name (papldc.com) then Mumbai location is joined properly.
    Pls find the error message below and also find the attachment.
    Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
    The domain name "capldc" might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.
    If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.
    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "capldc":
    The query was for the SRV record for _ldap._tcp.dc._msdcs.capldc
    The following domain controllers were identified by the query:
    capldcserver.capldc
    win-dyfq2poc88q.capldc
    However no domain controllers could be contacted.
    Common causes of this error include:
    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
    - Domain controllers registered in DNS are not connected to the network or are not running.
    Pankaj Kumar

    Why are you using a single labeled domain? I would recommend renaming the domain name to be something like domain.com.
    Please refer to the articles below to fix your current issue:
    http://www.wincert.net/tips/networking/1614-cant-join-pc-to-a-domain-with-single-label.html
    http://www.itgeared.com/articles/1128-using-single-label-dns-names-for-active/
    This posting is provided AS IS with no warranties or guarantees , and confers no rights.
    Ahmed MALEK
    My Website Link
    My Linkedin Profile
    My MVP Profile

  • SCCM 2012 R2 and single lable domain

    Hello,
    we have a followng case: root forest domain is single label domain such as ABC, it has child domain CORP.ABC. In the technet article just a little information about it, it says what SCCM supports site systems and clients, can we install SCCM in the single
    lable domain? Or in the child domain when forest domain is single label domain? Will schema be extended without problems and MP data published?

    Extending the schema is independent of the domain being single labled.
    SLD restrictions are listed here:
    http://technet.microsoft.com/de-de/library/gg682077.aspx#BKMK_SupConfigSLD
    Torsten Meringer | http://www.mssccmfaq.de

  • Reverse proxy to applications on a server by just domain names possible?

    Hi All
    I am looking for a solution to set up a single server, that hosts four J2EE web applications running on a Glassfish application server with just only one IP address.
    When a user wants to use an application, he/she can just type URL without specifing port and path, and the corresponding web application will be displayed accordingly as shown below
    http://sub1.domain1.com -- > webapp1 at port 9100
    https://sub2.domain1.com -- > webapp2 at port 9200
    http://sub1.domain2.com -- > webapp3 at port 9300
    https://sub2.domain2.com -- > webapp4 at port 9400
    I am wandering whether I could use reverse proxy of Sun Java System Web Server 7 to route the traffic from the domain names to their own application on Glassfish as shown above? I tried by creating two HTTP listeners to listen at port 80, and 443 respectively, but I could not access different applications based on domain names without specifying specifix path or port.
    Is there any recommended resources or example of the mapping, or any other suggested solution?

    Thank you for your reply nsegura. I created 4 different virtual servers as you suggested and it worked :)
    However, I have a problem in reverse proxy base on path.
    The scenario is below
    I have an J2EE application that needs to be deployed in three different environment (production, training, testing). It
    is the same application for three environments, so I want them to have the same context-root. I want to use Sun Web Server 7.0 to reverse proxy to the application in each environment based on path, not URL redirect. Example of URL are shown below
    https://sub.domain3.com/app -- > http://localhost:9500 (with context-root /app)
    https://sub.domain3.com/training/app -- > http://localhost:9600 (with context-root /app)
    https://sub.domain3.com/testing/app -- > http://localhost:9700 (with context-root /app)
    So far, it works if I set context-root of the application in each environment differently
    https://sub.domain3.com/app -- > http://localhost:9500 (with context-root /app)
    https://sub.domain3.com/training/app -- > http://localhost:9600 (with context-root /training/app)
    https://sub.domain3.com/testing/app -- > http://localhost:9700 (with context-root /testing/app)
    I am wandering whether there is a solution with Sun Web Server 7 that I can use to achieve reverse proxy of the same application in different environments without having to modifying context-root for each environment and use URL redirect?
    I was thinking about using rewriting path with reverse proxy, but I did not see this function under reverse proxy tab.
    Any ideas?

  • Domain name/"primary DNS" name/mail host name/mail server name/mx name

    Hi,
    I have registered my domain name (N.com) with an external dns server and created an MX record (mail.N.com) for it as well. My server sits behind a router and internet traffic is port(80)-forwarded to my server's fixed internal ip address (I can access my webpages from the internet just fine). When I initially setup the server I was asked to give it a "primary DNS name." I naturally assumed that N.com was supposed to be entered here, but that just caused all kinds of problems (though I still do not understand why). So I reinstalled and currently have server.N.com as the primary DNS name of the server (although it shows up in Server Admin and Workgroup Manager as server.local--why is that?)
    I have had no luck getting any email from the internet with the default settings in mail services (domain name of N.com and host name of server.N.com). Having no luck with the defaults, I assumed that maybe I needed to change the host name to "mail.N.com" so that it matched the MX record. I also changed the user preferences in Workgroup Manager to receive mail from mail.N.com--but still no luck. Could someone tell me what I am doing wrong and how come none of the Mail Service literature mentions anything about what a mail "host name" is supposed to be? Is it supposed to be the same as the "Mail Server" name that Workgroup Manager asks each user for? and is it the same as the MX record name?
    I am just needing some help to connect all these variously named, but undefined, dots.
    Also, how come I can access webmail from the internet using www.N.com/webmail but can't do it from any computers within my physical network (I have to use IPaddress/webmail or server.local/webmail)?
    Also, should my user email addresses be [email protected] or [email protected] (which is the current default)?
    Thanks in advance and good luck!
    John

    I had been told by a friend that ... regular email coming in from the internet would go through port 80
    Unfortunately you were misinformed.
    My MX record needs the extra subname (such as "mail") in front of the domain name, right?
    Not at all. A MX record for 'N.com' is entirely valid (expected, in fact).
    An MX record tells remote mail servers where to send mail for any domain/subdomain. If you think about it, let's say you worked for Apple and you wanted people to be able to send email to [email protected], well then you need an MX record for 'apple.com'.
    You can see if you dig MX apple.com that they actually have 9 MX records, but the point still stands.
    Now, you might also have MX records for subdomains so that you can have [email protected], [email protected], [email protected], etc. Each of these subdomains would need a separate MX record.
    So, in general, for any set of email addresses @[anything.]domain.com you have a MX record telling remote mail servers where to send that mail.
    Of course the MX record name is mail.N.com, but I think you are implying that the in the Mail settings of Server Admin where it asks for domain name all I need to put there is the N.com, right?
    What I mean is that you need to set the domain name to whatever domain name you expect to receive mail at.
    If you want users to have email addresses in the form of [email protected], then you enter 'N.com'.
    If you want users to have email addresses in the form of [email protected] then you enter 'mail.N.com'.
    If you want both forms, enter one in the main domain and add the other(s) in the Advanced -> Hosting -> Local Host Aliases section.
    Is there anything in the Mail settings that needs to have the full MX record name (mail.N.com)?
    Yes. Either the 'domain name' or the 'Local Host Aliases' needs to contain the same thing as your MX record. That's because the MX record tells remote servers to send mail to this machine, but the machine won't accept the mail unless it is configured to do so.
    What is the "host name" supposed to be?
    This should be the name that remote servers see when this machine tries to send outgoing mail.
    Ideally this should match the reverse DNS of your IP address, that way when it connects to a remote server it says "Hi, I'm $hostname" and the remote server can lookup the machine's IP address and see the same result. This will reduce the problem of remote servers thinking you're sending them spam.
    If you only have a single IP address then this probably needs to be something like 'N.com'. If you don't have control over your reverse DNS then you're going to run into a problem.
    Also in the user accounts (in Workgroup Manager) what should the "mail server name" be? Is it the host name or the domain name?
    Off hand, I don't know.
    Also, why are all the default user email addresses [email protected] (the name I gave the server at setup)? Why doesn't the user accounts create [email protected] as the default address?
    Presumably because the mail server says it is 'server.N.com' and therefore any accounts on that machine would be [email protected]. Changing the domain name (as above) should fix that.

  • Internal Domain names

    I know what a domain name is for the external web, but what forms of words are acceptable to OS X Server for an intranet? I don't want to have to pay to register a domain name acceptable to the rest of the web, I just want something meaningful for my intranet such as "diary" or "wiki" - or even an IP address alone.
    Do they all have to end in .local or will a single word be OK? Should they all start with http://www. or something else? OS X Server help just assumes any website being set up is for world use, and there are no instructions if you just want to set up a private intranet visible only to people on the internal network but invisible to the outside world.
    Where can I go for guidance/what formats are acceptable, please?
    Many thanks.

    Internal domains can be whatever you want. It doesn't have to be a .com, .net or even .local
    If you want you can have your own domain .bar then you can have foo.bar as a hostname in that domain.
    Since it's only used internally it won't have any impact on anyone outside of your network.
    Similarly, if you really wanted to, you could call your own domain 'apple.com' and then have a hostname of basilisk.apple.com pointing to your machine. Of course, this would impact your ability to get to any other .apple.com hostname, so you might not want to do that, but it is possible.
    As for the 'single word' question, by definition a hostname is a component of your domain which would mean that 'foo' isn't strictly valid, however, you can configure your machine (System Preferences -> Network -> TCP/IP -> Search Domains) to automatically append specific domain names to any lookup. If you set this to 'bar' then a lookup for 'foo' would automatically look up 'foo.bar' and you'd get the result you're looking for.
    Finally, for now, there is no requirement to have 'www' as pointing to your web server. That's just a common convention used around the internet. It's just as valid to have fred.bar as your web server and barney.bar as your mail server if that's what you want.

  • Using intersection of dimension members in a SINGLE column/row name

    I need help understanding how a single row/column name in a report can be populated with an intersection of two different dimension members of an Essbase cube (ASO). For example, suppose I have two dimensions members in my cube - Sales and Qtr1. Now I want to create a single column-name in my Smartview or FR report called "Sales in Qtr1" that would store values for Qtr1->Sales. Also, i want to have a single column name such as (Qtr1->Sales % Qtr2->Sales).
    Is this done via a report script or some other method?
    My report would look as follows:
    Sales in Qtr1 | Sales in Qtr2 | Qtr1 Sales as a percent of Qtr2 Sales
    Region1 100 | 200 | 50%
    Region2 25 | 100 | 25%
    Would appreciate any guidance.
    Thanks.
    Axe

    Getting the data the way you've described is really easy, just nest the dimensions in Excel (or whatever reporting tool), one dimension over the other.
    It's the same for rows as it is columns (okay, in rows instead of columns).
    Essbase is very good about doing asymmetrical reports. Take a look at the DBAG and scroll down for the section labelled "Generating Symmetric Reports" -- the second example shows a asymmetric report.
    Making the label one cell? A bit hard in Excel -- you'd have to create separate retrieve ranges and report ranges or play a game with hiding rows. Very easy indeed in Financial Reports -- you basically hide a row and put whatever custom label you want in the dimension that remains (technically speaking you could hide both rows and do this with a text row -- whatever you prefer -- but I've generally seen this with the former technique.
    Regards,
    Cameron Lackpour

  • DNS Domain name ISE 1.2

    Question:  Can the DNS domain name in ISE 1.2 be differnt from the AD domain that ISE is joined to?
    Situation:  I have an internal AD domain 'mydomain.local'.  Currently ISE is setup with mydomain.local as it's dns domain it's FQDN is isebox.mydomain.local, it is also joined to that domain.  The problem comes with the certificate for HTTPS sites (management, guest, etc...) specifically guest.  If I use a certificate for isebox.mydomain.local, guest users (that do not have our internal ca) will get a certificate error.  The certificate used for HTTPS sites in ISE has to match the hostname of ISE.  This seems to me to be an unresolvable problem.  I have to have mydomain.local as the DNS domain, so that I can join ISE to mydomain.local.  But if I use that domain then I can't issue a public cert for the ISE box, because I can't get a public cert for a .local domain.
    My idea was to define the DNS domain as a public domain (abc123.com) but still join it to my internal domain (mydomain.local).  I have found some vauge references to this not being a supported configuration, and even that it doesn't work at all.  Could someone please tell me if this works?  Or better yet, some better/easer way to solve this prolem.
    Thanks!

    Hello John
    Cisco ISE supports integration with a single Active Directory identity source. Cisco ISE uses this Active Directory identity source to join itself to an Active Directory domain. If this Active Directory source has a multidomain forest, trust relationships must exist between its domain and the other domains in order for Cisco ISE to retrieve information from all domains within the forest.
    However, you may create multiple instances for LDAP. Cisco ISE can communicate via LDAP to Active Directory servers in an untrusted domain. The only limitation you would see with LDAP being a database that it doesn't support PEAP MSCHAPv2 ( native microsoft supplicant). However it does suppport EAP-TLS.
    For more information you may go through the below listed link
    http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_45_multiple_active_directories.pdf

  • Support Domain Name, what is it all about

    I have my own domain (for three years now). I also joined .Mac. The support, as far as I understand from .Mac is nothing more than giving an alias at my own domains name. I have to adjust it at my (Lycos)host. I have the feeling that I could this also with iLife07 and everything before. If I open my site (www.preijde.net) I see the .Mac adress. Am I missing something or is there more in the domain support in iWeb08?

    *Simple forward*
    The domain you point to .mac will just works as a forward and it gets people to your mac url through the lycos url. Which is what you have now...
    *Forward with cloaking enabled*
    The .mac urls still exist for every single page because the content is still there and your domain just masks the real url (cloaking). Your Lycos .net domain will stay in the browser and not change if people go from one page to another on your site.
    CNAME
    CNAME will display
    example.com/SiteName/page1.html
    example.com/SiteName/page2.html
    exapmle.com would be your Lycos domain and it would be changing as visitors browse through different pages on your website. What it does is just masking the mac url part. Which would be what you want I think...
    Regards,
    Cédric
    Useful threads (I think they are):
    http://discussions.apple.com/thread.jspa?threadID=1086731&tstart=50
    http://discussions.apple.com/thread.jspa?messageID=5227406&#5227406

  • Domain name deletion within Business Catalyst

    I am trying to add a domain name to a website created with Muse and hosted through Business Catalyst, but I am receiving this error meassage 'Domain already exists. Please delete all records associated with the domain before re-adding it'. Anbody know how to do this please? The domain I need to use was used in a previous website which had a single, monthly Business Catalyst hosting subscription, and I now need to add this domain name to the website I am hosting through the included sites provided with the Creative Cloud monthy subscription.

    Move from the Creative Cloud to the Business Catalyst forum. They will be able to help you here.

Maybe you are looking for

  • K7N2 Delta ILSR and XP2500+ - strange overclocking problem

    Relevant configuration data: - K7N2 Delta ILSR (with 7.6 BIOS version) - Barton 2500+ (AQXEA) - Arctic Silver 3 thermal compound - GlobalWin CAK 38 (7000 rpm DELTA, all copper) - 2x512 MB Corsair XMS cmx512 3200c2 (it should run 6-3-3-2 at 200MHz on

  • Conversion from string "20041023 " to type 'Date' is not valid.

    Hi ,    I have a table with one of the column(EmpHiredate) datatype is char(10). It has value like "20141023". I need to display this value as date format(dd/mm/yyyy) in report.  Following methods i tried in textbox expression but no luck. =Format(Fi

  • Can you roll back the iMovie 9.0.6 update as it has trashed iMovie for me?

    Since the auto update of iMovie to 9.0.6 I cannot open iMovie and more - it just crashes every time trying to import the projects.  I either need to KILL all old projects or roll back iMovie so that it is usable!!! I found the answer at https://discu

  • Which difference parallel database and RAC database

    Hi Experts, I saw some document about parallel database and RAC database. My boss confused these two product. which difference between parallel database and RAC database? does parallel database is a "old RAC"? Thanks Jim

  • Changes in SE63

    Hi Experts, I am having problem , in converting the language in SE63. The problem is when I translate the Form in se63 an when I do some changes in the Form in SmartForms the translations are reverted back, Is there any care that should be taken when