#ad1.tacos-telco.cloud or ad1.tacos-telco.local ?
and if I use .com?
I have a domain tacos-telco.cloud linked with my website on GoDaddy. Can I configure my AD with tacos-telco.cloud without impacting my website?
That domain is not in use
Nobody owns it
inb4 someone random here buys it for ransom
Well I won't
haha me neither xd
i have nyasaki.cloud and nyasaki.dev already
yes, I use another domain name. it's for my example
but you should use .local or a domain you actually own
Else our dns tries to resolve them publicly
which it can't
you could tell it that .cloud is local which would cause issues with actual .cloud domains
if you use your DC as DNS server you are going to have to do some extra stuff too though
either employ what is called split-brain dns
or set up your own public dns zone
split brain dns is easier to setup and understand, but requires constant maintenance
setting up your own public dns to host your domain is difficult, but more hands off afterwards
alternatively, you can use the same primary domain name, but put your AD as a subdomain which does not exist on the public zone
those are your 4 options
- use .local
- use split-brain dns
- use self-hosted public dns
- use subdomain for AD
I personally recommend options 1 or 4
there are even more options though, but that would go into schizo admin tier
if I choose 1 can I sync Office365?
yes, syncing to 365 works with all options
you just need to do an extra step for option 1, which is to add an alternative upn suffix
for option 4 too tbh
option 1 is the easiest?
yeah
it is
or well, option 1 and 4 are more or less identical
just with option 4 you are locking yourself to paying for a public domain name for all eternity
I prefer option 1 overall
is it true?
well not all eternity, but for as long as you wanna keep that AD secure
you figure out how to add upn suffix?
I think there's a simple ms doc for it in relation to the guide for setting up adsync
yeah 1 is best, at least until you learn the difference
and forward into your network
once you know the pros and cons of all the options you can consider something else
there are scenarios where options other than 1 are preferable
I'll choose 1
usually when you have self-hosted systems that have integrated AD authentication and you want to access them publicly
then you may need options 2-4
unless you do it via azure ad app integrations then it doesn't matter really
Don't confuse them now xD
xd
I have only my website now
on GoDaddy
I can't say it unfortunately
not sure if edge supports .test too
but my website uses .cloud
wut
that shouldn't work
.local is not a domain
sorry .cloud not .local xd
thank you guys, I was thinking about this but now I'm good to continue. Thank you everyone!
np :)
and btw for the future, anything related to hosting servers or services is allowed to be asked in #sysadmin