This whole deployment has my head twisted.  We currently have an Exchange 2010 deployment that is completely misconfigured and I am wanting to solve the issues with the 2013 migration.  Here is what has me boggled:

Our internal domain is domain.int, our NETBIOS domain name is domain and our external domain is domain.org.  Does this classify as having a disjoint namespace?

Our internal DNS forward lookup zone only contains the records for .int, not .org.  If we do classify as having a disjoint namespace and we do add the .org DNS suffix to the Exchange and AD servers, are we still required to host our external domain records internally?

If our engineers are wanting to keep the external records out of our internal DNS, is it possible to cut a mail.domain.int cert from our internal CA and a mail.domain.org cert from a third party CA and assign services accordingly?

I would appreciate any feedback that you can provide.  I am really stumped at this point.  Thank you in advance,

--Scott

• Edited by slrobb Friday, May 15, 2015 8:48 PM spelling and grammer

So then our domain doesn't qualify as having a disjoint namespace?  So then, with what you are saying, I would just set the internal and external service URL's to mail.domain.org?  How does that affect the connection between our Outlook clients and the CAS server?

• Edited by slrobb Friday, May 15, 2015 9:10 PM spelling and grammer

Thank you very much.  This is exactly what I was looking for.

No problem.  glad to help