I need to configure our Domain Controller for LDAPS as we are trying to use LDAP to authenticate users to an external website (outside of the domain). The problem is that the Domain Controller's FQDN is EXAMPLE.company.local while the public DNS record for the system is EXAMPLE.company.com.
Based on an article on Microsoft's website (http://support.microsoft.com/kb/931351), it appears that I need to include a SAN Attribute in the Certificate (we are going to use a third-party certificate if that makes a difference). I am unsure as to what records should be listed on the cert or if having the SAN Attribute will actually work.
Should the "primary" record be EXAMPLE.company.com and the SAN Attribute be EXAMPLE.company.local? Will having the SAN Attribute allow LDAPS to function properly?