A domain in a domain tree of a Microsoft Windows 2000–based network that is the highest-level parent domain in the tree. All other domains in the tree derive their Domain Name System (DNS) name from the root domain and form a contiguous namespace with the root domain. An example of a root domain name for a company called Expedia might be expedia.com.
The root domain is the first domain you create when you implement Active Directory in an enterprise. All other domains you create derive their DNS name from the root domain.
You should select a root domain name before you implement Active Directory on your Windows 2000–based network. The name should be easily recognized by users in the outside world, and you should make sure that it is legally acceptable and does not violate existing trademarks or duplicate registered company names. Root domain names should be static and not subject to change.
If you plan to connect your network directly to the Internet, you should register your root domain name with the Internet Network Information Center (InterNIC) or some other domain name registration authority. You can use separate external and internal root domain names in your enterprise network if you want to separate network resources that will be accessible to outside users on the Internet from those intended for internal company use only.
You should register both the internal and external root domain names to prevent future naming conflicts. You should also use a firewall to protect the private domain from the Internet.
Graphic R-9. Root domain.