Solved

help i've inherited a .corp domain

Posted on 2014-11-12
3
169 Views
Last Modified: 2014-11-14
I inherited a .corp domain at my new company.  We have several SSL certs and external DNS names that have the .CORP suffix associated with them.  This year all the 3rd party CA vendors have told me that they will not renew my .CORP ssl certificates and that I should figure out how to rename my external DNS names to something other than .CORP.  We do own a public .COM address and could use that on the outside for DNS and certificate generation.  But... I'd have to stand up this domain because it doesn't exist yet, and I'd have to work out some kind of trust between my existing .CORP domain and this new .COM domain.  

I guess my question is,.... is there an easier way to accomplish this?  Migrating all objects from the .CORP domain to the .COM domain would take at least 12 months given the complexity of the environment.

thanks in advance
0
Comment
Question by:mppickard
3 Comments
 
LVL 32

Expert Comment

by:it_saige
Comment Utility
Actually, you don't have to change your internal domain to .com.  Just use a split DNS where you have (in your case) a .CORP dns tree (this is what your internal computers will primarily use for communication) and a secondary .COM domain so that your internal clients can access externally available internal resources by their respective DNS name.

-saige-
0
 
LVL 32

Accepted Solution

by:
aleghart earned 500 total points
Comment Utility
You can continue to use .corp TLD internally, but when you publish DNS servers via DHCP, you must _not_ use any public DNS servers.  Some admins will put their own internal DNS servers as primary and secondary, then list a public DNS server as tertiary "backup".  Sounds good on paper...until you start resolving internal hostnames to external hosts that are not under your control.

The mis-use of ".corp" is what stalled ICANN from accepting it for gTLD.  It's considered "high-risk" due to the volume of DNS resolves that actually make it outside the LAN to a public DNS server.

How are you publishing ".corp" hostnames externally?  I'm confused about that.
0
 

Author Closing Comment

by:mppickard
Comment Utility
Yeah I already figured it would be a heap of work.  and we don't publish .corp outside the company just internal.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Join & Write a Comment

Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now