Home Support Options My Company Request Information Partners Back Office Logout SI 5.2

Search Knowledge Base Keyword Search Search For Any Of Words All Words Exact Phrase Clear Knowledge Base Web View Total Records: 103 ID Title Type Of Article 1024  Setup Access to Compliance File Manager on SI Portal How To 993  5 things customers want from their salesperson Sales and Marketing 778  TPM Installed on Cheetah requires correct BIOS Version How To 730  Parallels Connection Mode Change How To 728  Cell Phone Policy for Conference Rooms and Meetings Company Policy 723  Office 365 Appointment Feature Meeting Poll How To 722  Managed Services Program Descriptions - Elite, Live, Guard How To 712  Windows 10 multiple display - windows are moved and resized on display power cycle or sleep Support 694  QuickBooks Stop from retaining Last Logged-In User on Startup of QuickBooks How To 687  Fix for Error Call to GetCustomUI() for RibbonID "Microsoft.Excel.Workbook in Engage OLE" Support 675  Browser Emulation Settings in the Registry allows IE version for specific applications How To 671  Use Eversign with Engage for Digital Signatures on Quotes, Work Orders, Invoices and More How To 660  3CX Client How to setup Auto Status Change on Workstation Idle How To 649  Engage Online Portal Export Reports to Excel How To 643  How To Find PC Name How To 599  Consumption Marketing a function Consumption Economics: The New Rules of Marketing Case Study 598  Dynamic Resource Allocation Strategy Workforce Management Case Study 597  Hyper-Converged Threat Initiative IT Security Strategy Case Study 596  Cyber Security and My Cloud Applications: Am I safe? Case Study 595  What value does Data-Tech bring to a Cloud Provider Partnership? Case Study 594  The solution was extremely reliable and the process couldn’t be simpler. Case Study 593  Emergency Services Turn to 3CX Voice Over IP Phone System after Hurricane Strikes Case Study 592  Kaseya VSA Over Other Tools What it Means for Our Clients Case Study 591  Data-Tech Chooses Kaseya Over Major Competitor After Three Month Evaluation Case Study 590  Tew and Associates Migration to Managed Services and Cloud Solution Case Study Add New  Records per page - 1 5 10 25 50  2 of 5    Engage Knowledge Base Web View         Support          Print Title Active Directory Domain Naming Considerations       Resolution Symptoms: Cannot register new SSL requests or renwals for an exchange server that is part of a .local or .internal domain. Possible Cause: The reason that is given for the change is that the internal server names are not unique and therefore easy to falsify. With common names like server01 or webmail, the end user is never sure if it is actually dealing with the right party or with a malicious. The changing legislation for SSL Certificates shall start on 1 November 2015. This means, from that date, the invalid Fully-Qualified Domain Names (hereafter called FQDN) will no longer be accepted at the standard of the CA/Browser Forum and after that date such certificates may no longer be issued. All certificates issued after 1 November 2015 and meet this qualification will be revoked upon discovery. Users who are requesting a certificate on an invalid FQDN with an expiration date after 1 November 2015 should remember that their certificates will be revoked after 1 November 2015. After this date, no SAN SSL Certificate with a reserved IP address or internal server name will be issued either. Resolution: Data-Tech Resolution: For new rollouts or migrations from 2003 to server 2012; Setup the domain using a subdomain of the customers registered public domain. Example, datatech owns datatechitp.com. For the domain name we would set it up as CORP.DATATECHITP.COM this would be the FQDN. With this setup we will be able to register SSL certificates without running into a split DNS issue if we were to use just DATATECHITP.COM for the FQDN. For customers not looking to Migrate you can make adjustments to the internal domain name of the exchange server so that it reports your public domain. Information on how to do that is below. Microsoft Exchange Many people use a SAN SSL Certificate for Microsoft Exchange 2007 or 2010. It is recommended that these certificates will be modified from an internal server name to an external server name as soon as possible. A manual how to modify this on Exchange 2007 can be found here: https://www.networking4all.com/en/support/ssl+certificates/manuals/microsoft/exchange+2007/modify+.local/ The Exchange 2010 manual can be found here: https://www.networking4all.com/en/support/ssl+certificates/manuals/microsoft/exchange+2010/modify+.local/ Additional Alternatives Another alternative would be to use an additional external name. This can be done by using a .net domain name (.net = network) like DC1.DATATECHITP.NET. This would require the ownership of the .NET public domain name along with your .COM. Many companies purchase .COM, .NET, & .ORG when registering their domain however there may be instances where the customer does not own the .NET domain in which case you'll want to use a subdomain of their .COM. Vendor Microsoft Web Link http://social.technet.microsoft.com/wiki/contents/articles/17974.active-directory-domain-naming-considerations.aspx Date Entered 5/1/2018 You Tube Link Type Of Article Support Article ID 109

Copyright   Lietz Development, Inc. 1996. All Rights Reserved.

www.datatechitp.com