Educause Security Discussion mailing list archives
Re: It's all in a Domain Name
From: Matthew Gracie <graciem () CANISIUS EDU>
Date: Thu, 18 Mar 2010 09:21:46 -0400
Consolvo, Corbett D wrote:
John, I would recommend the third option (.local). I have been in that environment before (including providing remote access services) and I feel that provides the best security. We did not run in to any major technical issues. Corbett Consolvo
I would concur - we're in the middle of a Netware - AD conversion ourselves, and we went with a disjoint namespace (canisius.ad). Since the vast majority of our infrastructure is not tied into the AD deployment - we're primarily a Unix shop - we wanted to maintain a clean separation between the environments. The only thing I would caution about using .local is that I've heard of people having issues with Zeroconf/Bonjour, since that's the default TLD for that protocol stack. -- Matt Gracie (716) 888-8378 Information Security Administrator graciem () canisius edu Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg
Current thread:
- It's all in a Domain Name John Kaftan (Mar 18)
- <Possible follow-ups>
- Re: It's all in a Domain Name Consolvo, Corbett D (Mar 18)
- Re: It's all in a Domain Name Matthew Gracie (Mar 18)
- Re: It's all in a Domain Name Valdis Kletnieks (Mar 18)
- Re: It's all in a Domain Name Kenneth Arnold (Mar 18)
- Re: It's all in a Domain Name Consolvo, Corbett D (Mar 18)
- Re: It's all in a Domain Name John Kristoff (Mar 18)
- Re: It's all in a Domain Name Michael Sinatra (Mar 18)