Hi everyone. I have an associate who owns a small business. He has only seven users on his network and he has one SBS 2003 server. He's utilizing Exchange 2003 and SQL Server 2005. His server also hosts the primary application his company uses including his time and billing data. His SBS server is around 10 years old now and he's finally ready to replace it. To that end he's purchased a new HP server. He has a Microsoft Action Pack subscription so he has access to Windows Server 2012 and Exchange 2013. So he's all set to make the move.
His current Active Directory (AD) and DNS environment are working fine. However, his internal domain is company.local and as we all know you won't be able to get SSL certs with an internal-only domain name around 2 years from now. As small as his setup is, it wouldn't be a problem to set up his new server with his current public domain name (company.com) to avoid the SSL cert issue coming in around 2 years. However, the time and billing package he uses can't be moved to a new server at this time.
So what I'm thinking of doing is joining the 2012 server to the SBS 2003 domain, adding AD and DNS to it (but letting the SBS 2003 server continue holding the FSMO roles so it won't freak out), and moving everything BUT the time and billing software to the new server (including e-mail). The issue, of course, is that the new server will be joining a .local domain and we won't be able to change that later on without completely rebuilding the entire system.
So I was thinking maybe we could use split DNS to solve this issue. I've been reading up on it and it sounds like it would be one way to resolve the issue heading our way 2 years from now. We'll get a SAN cert with mail.company.com and autodiscover.company.com and use split DNS to ensure that, even though the Exchange server will be in the company.local domain, it'll be able to use the cert and serve e-mail internally and externally.
Thoughts?
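The plan above only works if every URL that clients are handed resolves to a name on the SAN certificate, so a pre-cutover check is useful. The following is an added example, not part of the original post: it audits a list of client-facing URLs against the certificate's SAN entries. The URL list, the `server2012` and `remote` host names and the internal suffix list are constructed for illustration.

```python
from urllib.parse import urlsplit

# Suffixes a public CA cannot validate (assumed list for this example).
INTERNAL_SUFFIXES = (".local", ".lan", ".internal")

def is_internal_name(host):
    """True for single-label names and names under an internal-only suffix."""
    host = host.lower().rstrip(".")
    return "." not in host or host.endswith(INTERNAL_SUFFIXES)

def san_matches(san, host):
    """Exact match, or a wildcard covering exactly one leftmost label."""
    san, host = san.lower(), host.lower()
    if san.startswith("*."):
        head, _, rest = host.partition(".")
        return bool(head) and rest == san[2:]
    return san == host

def audit(cert_sans, service_urls):
    """Return {service: problem} for every URL the certificate cannot serve."""
    problems = {}
    for service, url in service_urls.items():
        host = urlsplit(url).hostname or ""
        if is_internal_name(host):
            problems[service] = f"{host}: internal-only name, cannot be on a public cert"
        elif not any(san_matches(s, host) for s in cert_sans):
            problems[service] = f"{host}: not in certificate SAN list"
    return problems

# Constructed sample data: the two SAN names come from the post, the URLs are
# hypothetical values as they might be configured on the Exchange server.
CERT_SANS = ["mail.company.com", "autodiscover.company.com"]
SERVICE_URLS = {
    "OWA internal": "https://mail.company.com/owa",
    "OWA external": "https://mail.company.com/owa",
    "Autodiscover": "https://autodiscover.company.com/Autodiscover/Autodiscover.xml",
    "EWS internal": "https://server2012.company.local/EWS/Exchange.asmx",
    "ActiveSync": "https://remote.company.com/Microsoft-Server-ActiveSync",
}

if __name__ == "__main__":
    for service, problem in audit(CERT_SANS, SERVICE_URLS).items():
        print(f"{service}: {problem}")
```

Any service the audit reports would produce a certificate name mismatch warning in the client, so its URL needs to be changed to a name on the certificate and given an internal DNS record in the split zone.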