
Secure LDAP - Domain Controller FQDN (.local vs .com)

Status
Not open for further replies.

JoshuaThompson

Technical User
Aug 7, 2008
50
US
According to this Microsoft requires that the name of the certificate match the FQDN of the server for LDAP over SSL with a third party.

The FQDN of my Domain Controller is servername.domain.local. After 11/1/2015 GoDaddy will no longer allow non-fully-qualified domain names to be used as cert names. I am attempting to address this issue now.

I have the cert installed for servername.domain.com on the DC in Certificates (Local Computer) > Personal > Certificates. I have external DNS in place so that servername.domain.com resolves to the public IP of my firewall. I have my firewall redirecting traffic on port 636 from specific IPs (my third party) to my internal DC. However, when I test it using some simple SSL Checker services I am told "No certificate found". The server has been rebooted after the cert was installed. Performing an IPCONFIG /ALL on the DC shows the Host is servername and the Primary DNS suffix is domain.local. Hence the FQDN is servername.domain.local.

What can I do to get my Domain Controller FQDN to be servername.domain.com? Can this be as simple as adding a DNS suffix for domain.com? Or is this going to take a major rework of my AD structure?

Any advice is appreciated.

Thanks,
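The "No certificate found" result can be investigated directly rather than through a third-party checker. The following PowerShell is an added diagnostic, not code from the original post: it opens a TLS session to the name the third party will use and reports the certificate the DC actually presents (if any), then lists the certificates in the Local Computer Personal store and whether each one carries what AD DS needs to select it for LDAPS (a private key, the Server Authentication EKU, and the DC's own FQDN in the Subject CN or SAN). The two host names at the top are placeholders taken from the post; replace them with your own.

```powershell
# Added diagnostic for the LDAPS certificate question above; not part of the original post.
# Assumes: $LdapsHost is the public name the third party connects to, $DcFqdn is the DC's own
# FQDN as shown by ipconfig /all, and the script runs on a box that can reach TCP 636 on the DC.
param(
    [string]$LdapsHost = 'servername.domain.com',    # placeholder from the post
    [string]$DcFqdn    = 'servername.domain.local',  # placeholder from the post
    [int]$Port         = 636
)

function Get-CertDnsNames {
    # Returns the Subject CN plus every DNS name in the Subject Alternative Name extension.
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $names = @()
    if ($Cert.Subject -match 'CN=([^,]+)') { $names += $Matches[1].Trim() }
    $san = $Cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }   # id-ce-subjectAltName
    if ($san) {
        # Format($true) renders one entry per line, e.g. "DNS Name=servername.domain.com"
        $san.Format($true) -split "`r?`n" | ForEach-Object {
            if ($_ -match 'DNS Name=(\S+)') { $names += $Matches[1] }
        }
    }
    return @($names | Select-Object -Unique)
}

function Test-NameCovered {
    # True if $HostName is listed exactly or matched by a wildcard entry such as *.domain.com.
    # Note: -like is looser than RFC 6125 (it also matches extra labels); good enough for a triage check.
    param([string[]]$Names, [string]$HostName)
    foreach ($n in $Names) {
        if ($n -eq $HostName) { return $true }
        if ($n.StartsWith('*.') -and $HostName -like $n) { return $true }
    }
    return $false
}

function Test-LdapsCertificate {
    # Handshakes with the DC on 636 and reports the presented certificate. Trust errors are
    # ignored on purpose so an untrusted or mis-named certificate is still captured and shown.
    param([string]$HostName, [int]$Port)
    try {
        $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
        $ignoreErrors = { param($s, $c, $ch, $e) $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $ignoreErrors)
        $ssl.AuthenticateAsClient($HostName)
        if (-not $ssl.RemoteCertificate) {
            Write-Warning "Handshake completed but no certificate was presented on ${HostName}:${Port}."
            return
        }
        $cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $names = Get-CertDnsNames $cert
        # Build the chain locally to see why a checker might reject it (untrusted root, expired, ...).
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $null  = $chain.Build($cert)
        [pscustomobject]@{
            Subject          = $cert.Subject
            Issuer           = $cert.Issuer
            NotAfter         = $cert.NotAfter
            DnsNames         = $names -join ', '
            CoversLdapsHost  = Test-NameCovered -Names $names -HostName $HostName
            ChainStatus      = if ($chain.ChainStatus) { ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', ' } else { 'OK' }
        }
        $ssl.Dispose(); $client.Close()
    } catch {
        # Schannel with no usable LDAPS certificate typically aborts the handshake here,
        # which is what an external checker reports as "No certificate found".
        Write-Warning "TLS handshake to ${HostName}:${Port} failed: $($_.Exception.Message)"
    }
}

function Get-DcCertificateCandidates {
    # Lists Local Computer > Personal certificates with the properties AD DS looks for
    # when it auto-selects an LDAPS certificate. Run this on the DC itself.
    param([string]$DcFqdn)
    Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
        $eku        = $_.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }  # id-ce-extKeyUsage
        $serverAuth = $eku -and ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq '1.3.6.1.5.5.7.3.1' })
        $names      = Get-CertDnsNames $_
        [pscustomobject]@{
            Thumbprint    = $_.Thumbprint
            DnsNames      = $names -join ', '
            HasPrivateKey = $_.HasPrivateKey
            ServerAuthEku = [bool]$serverAuth
            CoversDcFqdn  = Test-NameCovered -Names $names -HostName $DcFqdn
            NotAfter      = $_.NotAfter
        }
    }
}

"== Certificate presented on ${LdapsHost}:${Port} =="
Test-LdapsCertificate -HostName $LdapsHost -Port $Port | Format-List
"== Store candidates on this machine (must cover $DcFqdn) =="
Get-DcCertificateCandidates -DcFqdn $DcFqdn | Format-Table -AutoSize
```

In the situation described in the post, the second table is the one to read first: a GoDaddy certificate for servername.domain.com will show CoversDcFqdn as False, because the DC's FQDN is servername.domain.local, and a certificate that does not cover the DC's own FQDN will not be picked up for LDAPS regardless of what external DNS says. That is the same requirement the post cites from Microsoft, and a certificate with both names in its SAN is the usual way to satisfy it without renaming the domain.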

