-3

I recently set up a server with AD DC and used a mydomain.local address for it. I now would like to be able to access the server through remote desktop from outside my local network. So I have purchased a domain name that I have set up with my router for DDNS and forwarded to the IP of my server. I was wondering a few things.

A) Is there a way I can forward the DDNS to point to my current AD DC x.local address so I wouldn't have to change the domain to log in from outside of local network?

B) If there is not a way to do what I mentioned above, what is the easiest way to change the Domain Name (mydomain.local) in my AD DC? Should I completely remove it or is there a way to change it?

I am using Windows Server 2012.

Gaate
  • Changing the FQDN of your AD has nothing to do with its accessibility from the public Internet. Also, exposing your domain controllers to the Internet is really bad. I suggest getting some formal training, or books at the very least, before you continue. – MDMarra Dec 18 '12 at 21:47
  • I realize I don't know what I'm doing. This is a home project that I literally have nothing riding on. The server has no information on it and is not being used for anything. I am doing this to learn, so if I am making mistakes please point them out, but realize that training and knowledge is what I'm seeking here. – Gaate Dec 18 '12 at 21:50
  • ServerFault might not be the best site for you, then. This is for professionals operating in a professional setting. Check our [faq] for more details. – MDMarra Dec 18 '12 at 21:51

3 Answers

4

You can rename an AD domain with rendom.exe. There are plenty of caveats that you should be aware of when doing this. Read carefully.

That said, it has nothing at all to do with what you actually want to accomplish. Your best bet is just configuring VPN access to your internal domain.

Also, as another side note, never use .local or any other made-up TLD for your AD Domain's TLD.

Esa Jokinen
MDMarra
1

"I now would like to be able to access the server from outside my local network"

If that's all you wanted to do, you only needed a VPN setup. No external domain name needed to be purchased, AD authentication would work just fine, and you (assumption here) wouldn't have needed to open up your IP of your server completely to the outside world (sure hope that isn't what you did).

If you are wanting to access the server over the internet, use a VPN (set it to your external WAN IP). If you really want something fancy like "vpn.domain.com" then set up an A record on your newly bought domain for that and set it to your WAN IP, but still set up the VPN correctly.

TheCleaner
  • Sorry, I wanted to set up remote desktop connection to my server. This whole thing is kind of a quest to learn more about networking and servers, so while I do know there is an easier route to follow, if there is a way to change the domain name of my AD DS I'd like to give it a shot. – Gaate Dec 18 '12 at 21:37
  • Wait, do you mean set up a VPN on other computers so I can use the .local domain name from any IP? Because that's a little brilliant. – Gaate Dec 18 '12 at 21:38
  • @Gaate - you referring to my answer? That's the whole point of a VPN. Not sure what you mean. I suggest you start here: http://technet.microsoft.com/en-us/network/bb545442.aspx – TheCleaner Dec 19 '12 at 17:20
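
One way to apply the VPN-only advice on the server itself, as an added example that is not part of any answer above: scope the Windows Firewall rules that allow inbound RDP so only LAN and VPN client addresses can reach TCP 3389. The two subnets are assumed placeholder values, and the script relies on the NetSecurity cmdlets that ship with Windows Server 2012.

```powershell
# Added example. Both subnets are assumptions; replace them with your own ranges.
$LanSubnet = '192.168.1.0/24'   # assumed internal LAN
$VpnSubnet = '10.8.0.0/24'      # assumed address pool handed to VPN clients

# Find every enabled inbound "allow" rule that explicitly covers TCP 3389.
# Rules whose local port is "Any" are not matched here and need a manual look.
$rdpRules = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    Where-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $port.Protocol -eq 'TCP' -and ($port.LocalPort -contains '3389')
    }

if (-not $rdpRules) {
    Write-Output 'No enabled inbound allow rule for TCP 3389 was found.'
    return
}

# Report the current scope. A RemoteAddress of "Any" means the rule accepts
# connections from every source, including the Internet if 3389 is forwarded.
foreach ($rule in $rdpRules) {
    $addr = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        RemoteAddress = ($addr.RemoteAddress -join ', ')
    }
}

# Preview the change first; -WhatIf makes no modification.
$rdpRules | Set-NetFirewallRule -RemoteAddress $LanSubnet, $VpnSubnet -WhatIf

# Apply it once the preview lists only the rules you expect:
# $rdpRules | Set-NetFirewallRule -RemoteAddress $LanSubnet, $VpnSubnet
```

If the VPN terminates on the router and NATs clients onto the LAN, connections arrive from a LAN address and the VPN subnet entry is unnecessary. Any router port forward for 3389 should be removed as well, since this scoping only limits what the server accepts.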
1

If you're doing this to learn then start with this gentle admonishment to learn things the right way. The internal FQDN of your AD domain and the external DNS name of your public domain are two different entities (even if the domain names do match). Accessing your internal AD infrastructure by using names from your external domain DNS records doesn't require the two to match. There's a layer of abstraction between the two.

Create an external DNS A record such as "server.domain.tld" that points to your dynamic IP address, then forward the appropriate ports to your internal server (3389, 80, 25, etc.), then use a dynamic DNS client on your server to keep this external DNS A record updated with your dynamic IP address.

When connecting to your server from the outside via RDP you'll connect to server.mydomain.tld and when authenticating this RDP connection you'll authenticate as internaldomain\user OR user@internaldomain.tld.

It really isn't any more complicated than that.

joeqwerty