Solved

Top Level Domain is .local

Posted on 2014-10-20
Last Modified: 2016-06-15
I inherited a single AD forest with a TLD of .local.  This forest has Exchange 2010 in it. From what I have discovered so far, it would be next to impossible to just rename the domain due to Exchange. The other possibility that I've found is to do a domain migration. I'm guessing this is as nasty as it sounds.  Does anyone out there know of any alternatives other than having an in-house CA as a work-around?  I may even consider the internal CA, but I'm not so sure that will resolve this issue for good. I'm afraid that eventually, we'll still need to get rid of the .local TLD name.

If a domain migration is my only hope, I could use some advice on how to get started and what things I need to consider (such as the Exchange piece) before getting started. We have almost a year left before I have to have my SSL certs reissued, so I have some time to do it right.
Question by:ShiftAltNumlock
3 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 40392641
Having .local is fine. The few places that you'd want to use an SSL certificate, such as OWA, Autodiscover, or an SSL-enabled send connector can all be configured to use a namespace other than the AD domain, so an external cert without the .local is fine.

An example is Autodiscover. By default, Outlook uses the domain name of the email address when constructing its URL searches, so an SSL cert with either domain.com or autodiscover.domain.com with secure Autodiscover... no Exchange changes necessary. You can specify a unique FQDN using DNS if you prefer.

Outlook Anywhere URLs can be changed using a simple PowerShell command and those will be the URLs Autodiscover gives out, and can have an SSL with whatever name you chose for the URL. Again, no correlation to the local namespace.

I don't see this changing for the foreseeable future either. This will continue to work.
0
 
LVL 34

Assisted Solution

by:Seth Simmons
Seth Simmons earned 250 total points
ID: 40392734
Here is how to change the URLs so that you can keep .local internally.
You may also need to configure split DNS.

Configure Exchange Services for the Autodiscover Service
http://technet.microsoft.com/en-us/library/bb201695%28v=exchg.141%29.aspx

Windows - Setting Up Split DNS
http://www.petenetlive.com/KB/Article/0000830.htm
0
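
The URL changes both answers describe, as an added example that is not part of the original thread: it lists which Exchange 2010 service URLs still publish a .local name, shows the names on the IIS certificate, then repoints the services at one public namespace. The server name `EX01` and the namespace `mail.example.com` are placeholders assumed for illustration.

```powershell
# Added example, not from the thread. Run in the Exchange Management Shell (Exchange 2010).
# Assumed placeholders: Client Access server EX01, public namespace mail.example.com.
$cas  = 'EX01'
$fqdn = 'mail.example.com'

# 1. Audit: list every published URL that still points at the .local namespace.
$vdirs  = @(Get-OwaVirtualDirectory -Server $cas)
$vdirs += Get-EcpVirtualDirectory -Server $cas
$vdirs += Get-WebServicesVirtualDirectory -Server $cas
$vdirs += Get-ActiveSyncVirtualDirectory -Server $cas
$vdirs += Get-OabVirtualDirectory -Server $cas
$vdirs | Where-Object { "$($_.InternalUrl) $($_.ExternalUrl)" -match '\.local' } |
    Format-Table Identity, InternalUrl, ExternalUrl -AutoSize
Get-ClientAccessServer -Identity $cas | Format-List Name, AutoDiscoverServiceInternalUri

# 2. Show the names on the certificate bound to IIS; $fqdn must be one of them,
#    otherwise clients get name-mismatch warnings after step 3.
Get-ExchangeCertificate | Where-Object { "$($_.Services)" -match 'IIS' } |
    Format-List Subject, CertificateDomains, NotAfter

# 3. Repoint the services at the public namespace. Internal clients need $fqdn
#    to resolve to the CAS, which is where split DNS comes in.
Set-ClientAccessServer -Identity $cas `
    -AutoDiscoverServiceInternalUri "https://$fqdn/Autodiscover/Autodiscover.xml"
Get-OwaVirtualDirectory -Server $cas |
    Set-OwaVirtualDirectory -InternalUrl "https://$fqdn/owa" -ExternalUrl "https://$fqdn/owa"
Get-EcpVirtualDirectory -Server $cas |
    Set-EcpVirtualDirectory -InternalUrl "https://$fqdn/ecp" -ExternalUrl "https://$fqdn/ecp"
Get-WebServicesVirtualDirectory -Server $cas |
    Set-WebServicesVirtualDirectory -InternalUrl "https://$fqdn/EWS/Exchange.asmx" `
                                    -ExternalUrl "https://$fqdn/EWS/Exchange.asmx"
Get-ActiveSyncVirtualDirectory -Server $cas |
    Set-ActiveSyncVirtualDirectory -InternalUrl "https://$fqdn/Microsoft-Server-ActiveSync" `
                                   -ExternalUrl "https://$fqdn/Microsoft-Server-ActiveSync"
Get-OabVirtualDirectory -Server $cas |
    Set-OabVirtualDirectory -InternalUrl "https://$fqdn/OAB" -ExternalUrl "https://$fqdn/OAB"
Get-OutlookAnywhere -Server $cas | Set-OutlookAnywhere -ExternalHostname $fqdn
```

Re-running step 1 afterwards should return no rows; any URL still listed is one a certificate without .local names will not cover.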
