Solved

Additional domain alias

Posted on 2013-01-22
2
464 Views
Last Modified: 2013-01-28
We have a Win2k8 r2 domain named domain.local (domain1). Recently we partner with another company who uses domain.tld (domain2) as their ad domain name. Their wireless users use their AD radius server with ssl cert doman.tld to authenticate to the wireless network. We are migrating partners ad into our, but since it's not possible to purchase SSL certificates for internal AD domain names (.local) any more we would like to re-use their radius server with the existing ssl certificate, so my questions are:

1. Is it possible to add additional AD alias (domain.tld) to domain.local so that ssl could be used once users from partner company log on with their new username username@domain.local?

2. Would users log on using existing domain alias domain1\username or using the UPN?
0
Comment
Question by:cphs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 75 total points
ID: 38807415
I don't see why you couldn't create a zone in DNS of domain.tld and have it point to domain.local.
0
 
LVL 37

Assisted Solution

by:ArneLovius
ArneLovius earned 75 total points
ID: 38807744
I usually use internal CA (the Windows one works just fine) for requirements such as 802.1x and internal only web sites/services as you can push the CA root certificate to all domain joined clients through GPO, in your case you could also push the CA rot certificate out to the other domain computers as well.

Using a private certificate has the advantage of not costing anything (bar the maintenance of a CA server) and allows you to use private certificates for anything else that you need internally, this could be for web interfaces on copiers/printers/wireless access points etc.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question