Solved

Additional domain alias

Posted on 2013-01-22
2
463 Views
Last Modified: 2013-01-28
We have a Win2k8 r2 domain named domain.local (domain1). Recently we partner with another company who uses domain.tld (domain2) as their ad domain name. Their wireless users use their AD radius server with ssl cert doman.tld to authenticate to the wireless network. We are migrating partners ad into our, but since it's not possible to purchase SSL certificates for internal AD domain names (.local) any more we would like to re-use their radius server with the existing ssl certificate, so my questions are:

1. Is it possible to add additional AD alias (domain.tld) to domain.local so that ssl could be used once users from partner company log on with their new username username@domain.local?

2. Would users log on using existing domain alias domain1\username or using the UPN?
0
Comment
Question by:cphs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 75 total points
ID: 38807415
I don't see why you couldn't create a zone in DNS of domain.tld and have it point to domain.local.
0
 
LVL 37

Assisted Solution

by:ArneLovius
ArneLovius earned 75 total points
ID: 38807744
I usually use internal CA (the Windows one works just fine) for requirements such as 802.1x and internal only web sites/services as you can push the CA root certificate to all domain joined clients through GPO, in your case you could also push the CA rot certificate out to the other domain computers as well.

Using a private certificate has the advantage of not costing anything (bar the maintenance of a CA server) and allows you to use private certificates for anything else that you need internally, this could be for web interfaces on copiers/printers/wireless access points etc.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Testrail - Active Directory integration. 4 35
CAL for Disabled accounts 4 56
Active Directory Replication 1 22
Server 2012 Active Directory Logging 7 14
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question