::shakes fist::

  • naticus@lemmy.world
    link
    fedilink
    English
    arrow-up
    46
    arrow-down
    1
    ·
    edit-2
    8 months ago

    Hilariously, I bet it’s because their Active Directory domain is the same as their public domain, and it becomes a massive pain in the ass to hostname the root domain. Yes, externally you can do it just fine, but then it’s not consistent internally on their private network.

    One solution is you run IIS (or any other web server) purely as a permanent redirect for the internal host, but it would then need to run on each domain controller which brings its own set of issues.

      • naticus@lemmy.world
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        edit-2
        8 months ago

        Lol oh I never said it’s a good solution. The worst part isn’t running IIS, it’s running IIS on a domain controller. The better option is using a different domain for AD than your web domain, as long as it’s a publicly registered domain for certificate purposes.