Solved

help i've inherited a .corp domain

Posted on 2014-11-12
3
178 Views
Last Modified: 2014-11-14
I inherited a .corp domain at my new company.  We have several SSL certs and external DNS names that have the .CORP suffix associated with them.  This year all the 3rd party CA vendors have told me that they will not renew my .CORP ssl certificates and that I should figure out how to rename my external DNS names to something other than .CORP.  We do own a public .COM address and could use that on the outside for DNS and certificate generation.  But... I'd have to stand up this domain because it doesn't exist yet, and I'd have to work out some kind of trust between my existing .CORP domain and this new .COM domain.  

I guess my question is,.... is there an easier way to accomplish this?  Migrating all objects from the .CORP domain to the .COM domain would take at least 12 months given the complexity of the environment.

thanks in advance
0
Comment
Question by:mppickard
3 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40438034
Actually, you don't have to change your internal domain to .com.  Just use a split DNS where you have (in your case) a .CORP dns tree (this is what your internal computers will primarily use for communication) and a secondary .COM domain so that your internal clients can access externally available internal resources by their respective DNS name.

-saige-
0
 
LVL 32

Accepted Solution

by:
aleghart earned 500 total points
ID: 40438995
You can continue to use .corp TLD internally, but when you publish DNS servers via DHCP, you must _not_ use any public DNS servers.  Some admins will put their own internal DNS servers as primary and secondary, then list a public DNS server as tertiary "backup".  Sounds good on paper...until you start resolving internal hostnames to external hosts that are not under your control.

The mis-use of ".corp" is what stalled ICANN from accepting it for gTLD.  It's considered "high-risk" due to the volume of DNS resolves that actually make it outside the LAN to a public DNS server.

How are you publishing ".corp" hostnames externally?  I'm confused about that.
0
 

Author Closing Comment

by:mppickard
ID: 40442577
Yeah I already figured it would be a heap of work.  and we don't publish .corp outside the company just internal.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Adoption of Microsoft’s Enterprise Mobility and Security solution and Office 365 will re-order the File Sync and Share market Microsoft has stated that its Enterprise Mobility + Security (EMS) is the fastest growing product in the history of the …
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question