back to article Microsoft prevents Domain of Danger from falling into miscreants' paws by forking out cash for

Victims of early versions of Microsoft's Active Directory can breathe a sigh of relief: the software giant has snapped up the infamous domain. As noted by investigative blogger Brian Krebs, the big-hearted software giant stepped in after a private citizen put the domain up for sale. The sale potentially put hundreds …

  1. Claverhouse Silver badge

    Good for the ex-owner.

  2. chivo243 Silver badge

    Is Contoso next?

    We still laugh about Contoso when reminiscing about 2003 training ;-}

    1. BJC

      Re: Is Contoso next?

      I think MS have that covered.

      1. chivo243 Silver badge

        Re: Is Contoso next?

        Fabrikam! Damn! one I forgot!

    2. Cosby

      Re: Is Contoso next?

      I use that in my homelab still

  3. HildyJ Silver badge

    "decided that the risk of leaving the thing alone was bearable"

    How many times have butts been bitten by that attitude?

    1. Nunyabiznes

      Re: "decided that the risk of leaving the thing alone was bearable"

      I thought about registering another account just to upvote your post again.

      * I might or might not have scar tissue on my buttocks.*

  4. LenG

    Do you trust MS?

    So, after all this time with no actual evidence of malfeasance on the part of the owner we allow the sale of the domain to the corporation which made Windoze snoop central for all users?


    1. Anonymous Coward
      Anonymous Coward

      Re: Do you trust MS?

      Why else do you think they bought it?

      You don't believe the "we take the privacy and security of our users seriously" line, do you?

  5. Nunyabiznes


    Hopefully MS remembers to keep paying to register that domain. It is easy for little things like that to disappear into the pit of bureaucracy.

  6. RyokuMas Silver badge

    "... anyone tasked with maintaining an ancient Active Directory setup will attest..."


    1. Anonymous Coward
      Anonymous Coward


      Apart from a few flaky .local domains still hanging around that were built by others, every AD namespace I have anything to do with uses a sub domain of the clients registered domain.

      1. jamesdagger

        If you haven't .local'ed yourself, you're not old enough.

        Once Upon A Time it was Best Practice.

        1. Nick Ryan Silver badge

          Once Upon A Time it was Best Practice.

          I never understood how it could be Best Practice back then - it always seemed to be a really stupid thing to do. No AD setup I ever created used a .local domain however I inherited a lot of them over the years and they have all been annoying.

          1. J. Cook Silver badge

            I can understand it. a lot of AD instances didn't need or have internet access at the time, and using .local was an accepted practice. (yes, I am talking about win2K to server 2003R2/2008)

            We recently did a windows 10 migration and implemented Skype for business on-prem; the contractor we hired to assist with both was gobsmacked that we were still using .local for our upns. (granted, it's a simple change to make, but there's some planning and forethought that has to happen before doing a bulk change like that.)

            Besides, how many users are still logging in with DOMAIN\username or just username? More than you might think.

        2. Anonymous Coward
          Anonymous Coward

          I am old enough. Have been around since before NT4 days and have done a quite a few NT4 to AD migrations. The sheer fact that SBS used .local domains was always a clear signal to me that it is and always was a really bad practice.

          I have made namespace mistakes. I used the clients internet domain name a couple of times instead of a sub domain before I knew any better, but never did a .local.

      2. Anonymous Coward Silver badge

        I've done the whole AD-within-registered-domain a lot. And some of those businesses have then decided to change their company (or 'trading as') name and thus register a new domain, redirecting the website etc. It plays havoc with the AD setup. Having a unique domain for the AD saves a lot of hassle in those situations.

        I don't believe there is any one 'best' arrangement to cover all situations.

        1. Anonymous Coward
          Anonymous Coward

          Shouldn't make any difference to your AD domain. Having a different internet domain to your AD namespace is also a valid option. Worst case you need to add a new domain suffix if you want the UPNs to use the new domain.

  7. EarthDog

    We'll let Mikey set up the domain

    He's microsoft certified.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021