Solved

Additional domain alias

Posted on 2013-01-22
2
460 Views
Last Modified: 2013-01-28
We have a Win2k8 r2 domain named domain.local (domain1). Recently we partner with another company who uses domain.tld (domain2) as their ad domain name. Their wireless users use their AD radius server with ssl cert doman.tld to authenticate to the wireless network. We are migrating partners ad into our, but since it's not possible to purchase SSL certificates for internal AD domain names (.local) any more we would like to re-use their radius server with the existing ssl certificate, so my questions are:

1. Is it possible to add additional AD alias (domain.tld) to domain.local so that ssl could be used once users from partner company log on with their new username username@domain.local?

2. Would users log on using existing domain alias domain1\username or using the UPN?
0
Comment
Question by:cphs
2 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 75 total points
ID: 38807415
I don't see why you couldn't create a zone in DNS of domain.tld and have it point to domain.local.
0
 
LVL 37

Assisted Solution

by:ArneLovius
ArneLovius earned 75 total points
ID: 38807744
I usually use internal CA (the Windows one works just fine) for requirements such as 802.1x and internal only web sites/services as you can push the CA root certificate to all domain joined clients through GPO, in your case you could also push the CA rot certificate out to the other domain computers as well.

Using a private certificate has the advantage of not costing anything (bar the maintenance of a CA server) and allows you to use private certificates for anything else that you need internally, this could be for web interfaces on copiers/printers/wireless access points etc.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question