?
Solved

help i've inherited a .corp domain

Posted on 2014-11-12
3
Medium Priority
?
183 Views
Last Modified: 2014-11-14
I inherited a .corp domain at my new company.  We have several SSL certs and external DNS names that have the .CORP suffix associated with them.  This year all the 3rd party CA vendors have told me that they will not renew my .CORP ssl certificates and that I should figure out how to rename my external DNS names to something other than .CORP.  We do own a public .COM address and could use that on the outside for DNS and certificate generation.  But... I'd have to stand up this domain because it doesn't exist yet, and I'd have to work out some kind of trust between my existing .CORP domain and this new .COM domain.  

I guess my question is,.... is there an easier way to accomplish this?  Migrating all objects from the .CORP domain to the .COM domain would take at least 12 months given the complexity of the environment.

thanks in advance
0
Comment
Question by:mppickard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 34

Expert Comment

by:it_saige
ID: 40438034
Actually, you don't have to change your internal domain to .com.  Just use a split DNS where you have (in your case) a .CORP dns tree (this is what your internal computers will primarily use for communication) and a secondary .COM domain so that your internal clients can access externally available internal resources by their respective DNS name.

-saige-
0
 
LVL 32

Accepted Solution

by:
aleghart earned 1500 total points
ID: 40438995
You can continue to use .corp TLD internally, but when you publish DNS servers via DHCP, you must _not_ use any public DNS servers.  Some admins will put their own internal DNS servers as primary and secondary, then list a public DNS server as tertiary "backup".  Sounds good on paper...until you start resolving internal hostnames to external hosts that are not under your control.

The mis-use of ".corp" is what stalled ICANN from accepting it for gTLD.  It's considered "high-risk" due to the volume of DNS resolves that actually make it outside the LAN to a public DNS server.

How are you publishing ".corp" hostnames externally?  I'm confused about that.
0
 

Author Closing Comment

by:mppickard
ID: 40442577
Yeah I already figured it would be a heap of work.  and we don't publish .corp outside the company just internal.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question