When your Windows domain name and your Internet domain name are the same, you’re asking for annoying problems. Here’s why:
1. A Windows domain encompasses the assets INSIDE your enterprise network.
2. The Internet exists OUTSIDE your enterprise network.
3. Since you most likely do not use your Windows domain controllers as public authoritative DNS servers for your Internet domain name, someone else (your hosting/email provider or domain registrar) is doing that for you.
4. Now you have DNS servers INSIDE your network and independent DNS servers OUTSIDE your network both acting as authoritative for the same namespace.
See the potential problem? If your hosting or email provider makes an IP change, the whole outside world will see it, but if you don’t mirror that change on your internal DNS servers, things like email or access to your public-facing website will break for everyone inside your network. That’s never fun.
Yes, there are ways to keep your internal DNS servers in sync with your hosting provider’s servers, but very few providers will accommodate that. Instead, your Windows domain name should end with “.local”, NOT “.com”. If you follow that basic convention you’ll avoid this problem and the annoyances that come along with it. So, if you’re Acme Company (love your rocket skates, by the way), let your Windows domain be acme.local. You handle that DNS internally and leave the acme.com stuff to the outside guys. You’ll be happy you did.
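To make the failure mode above concrete, here is an added example (it is not code from the original post): a small Python checker that asks your internal DNS server and a public DNS server for the same public names and reports every host whose A records differ between the two views. It speaks raw DNS over UDP so it needs no third-party library. The server addresses, host names and IPs below are constructed placeholders, not real infrastructure.

```python
"""
Split-brain DNS drift check (added example, not from the original post).

Compares what the INTERNAL DNS servers answer for public names (www, mail)
with what the OUTSIDE world's DNS answers, and reports any name whose
records differ. All names, servers and addresses are constructed placeholders.
"""
import random
import socket
import struct


def build_query(name, qid):
    """Build a minimal RFC 1035 DNS query for an A record (RD=1, one question)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _skip_name(data, offset):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = data[offset]
        if length == 0:
            return offset + 1
        if length & 0xC0 == 0xC0:          # compression pointer: 2 bytes, ends the name
            return offset + 2
        offset += 1 + length


def parse_a_records(response):
    """Extract the set of IPv4 addresses from the answer section of a DNS response."""
    _qid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if flags & 0x000F:                      # non-zero RCODE (e.g. NXDOMAIN): no usable answer
        return set()
    offset = 12
    for _ in range(qdcount):
        offset = _skip_name(response, offset) + 4   # skip QTYPE + QCLASS
    addrs = set()
    for _ in range(ancount):
        offset = _skip_name(response, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", response[offset:offset + 10])
        offset += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.add(socket.inet_ntoa(response[offset:offset + 4]))
        offset += rdlen
    return addrs


def query_a(server, name, timeout=3.0):
    """Ask one specific DNS server (not the system resolver) for the A records of name."""
    qid = random.randint(0, 0xFFFF)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, qid), (server, 53))
        data, _ = sock.recvfrom(4096)
    if struct.unpack("!H", data[:2])[0] != qid:
        raise ValueError("DNS response ID does not match the query")
    return parse_a_records(data)


def find_drift(internal, external):
    """Return {name: (internal_addrs, external_addrs)} for names whose answers differ.
    A name missing from one side counts as drift too (empty set vs. addresses)."""
    names = sorted(set(internal) | set(external))
    return {n: (internal.get(n, set()), external.get(n, set()))
            for n in names if internal.get(n, set()) != external.get(n, set())}


def check_zone(names, internal_server, external_server):
    """Live check: query both servers for every name and report the drift."""
    internal = {n: query_a(internal_server, n) for n in names}
    external = {n: query_a(external_server, n) for n in names}
    return find_drift(internal, external)


if __name__ == "__main__":
    # Constructed sample: the hosting provider moved www, but nobody updated the internal zone.
    internal_view = {"www.acme.com": {"203.0.113.10"}, "mail.acme.com": {"203.0.113.25"}}
    external_view = {"www.acme.com": {"203.0.113.11"}, "mail.acme.com": {"203.0.113.25"}}
    for name, (inside, outside) in find_drift(internal_view, external_view).items():
        print(f"DRIFT {name}: internal={sorted(inside)} external={sorted(outside)}")
    # Live use against real servers (placeholder addresses, replace with your own):
    # check_zone(["www.acme.com", "mail.acme.com"], "10.0.0.10", "198.51.100.53")
```

Run it from a scheduled task on an internal host and alert on any non-empty result; a single stale A record for your mail host is exactly the outage the post warns about, and this check catches it before users do.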