Hilariously, I bet it’s because their Active Directory domain is the same as their public domain, and it becomes a massive pain in the ass to hostname the root domain. Yes, externally you can do it just fine, but then it’s not consistent internally on their private network.
One solution is you run IIS (or any other web server) purely as a permanent redirect for the internal host, but it would then need to run on each domain controller which brings its own set of issues.
Lol oh I never said it’s a good solution. The worst part isn’t running IIS, it’s running IIS on a domain controller. The better option is using a different domain for AD than your web domain, as long as it’s a publicly registered domain for certificate purposes.
Hilariously, I bet it’s because their Active Directory domain is the same as their public domain, and it becomes a massive pain in the ass to hostname the root domain. Yes, externally you can do it just fine, but then it’s not consistent internally on their private network.
One solution is you run IIS (or any other web server) purely as a permanent redirect for the internal host, but it would then need to run on each domain controller which brings its own set of issues.
Oh god
Lol oh I never said it’s a good solution. The worst part isn’t running IIS, it’s running IIS on a domain controller. The better option is using a different domain for AD than your web domain, as long as it’s a publicly registered domain for certificate purposes.