Is there a way to remove the .intranet from my domain name?
Thank you.
This is basically a complete change of the domain name. During the installation the specified domain is also used to create the LDAP-base. It is nearly impossible to change the LDAP structure. Changing the domain name would be a lot of work as you have to touch all systems.
What you can try is to create a new forward zone in DNS to create A records in addition to the existing hostnames.
hth,
Dirk
2 Likes
This domain is in its infancy and I could just start over. How do I make sure the next time around the “.Intranet” does not get added to the domain? Last time when I did the installation and was naming the domain it was automatically added the extension to it. How can I make sure that undesired extension are not added to the domain name?
Thank you.
Hey,
During installation you’re asked for both the system’s fully-qualified domain name and the LDAP base DN. The screen looks like this:
Here you can remove the .intranet from the FQDN and change the LDAP base DN accordingly.
I highly suggest you only change the FQDN and accept what the installer will automatically derive from the changed FQDN as the LDAP base DN. Standardized setups are easier to reason about and debug later on if you ever run into trouble.
Just keep in mind that you should never, ever use a domain name for the UCS domain that’s already in used externally. For example, my company’s public domain is linet-services.de. As the UCS system must be in control of all the DNS entries in the domain it’ll manage, I must not use linet-services.de for my UCS system. Using a sub-domain of an externally-available domain on the other hand is just fine — meaning I can use e.g. internal.linet-services.de or ucs.linet-services.de for my UCS domain as long as it isn’t used yet.
Kind regards
mosu
2 Likes
Thank you very much that was greatly helpful.
You’re quite welcome.
Hello, I think I have made a mistake like this, where the underlying domain name on our private network was used, and it is not available as a FQDN. I purchased a domain name to point at the Univention, and used Lets Encrypt with a SAN certificate. The sites online that test for SSL say it is all good, but it wont lock and wont resolve correctly.
Would I need to reinstall the Univention device and then just choose the FQDN I have now purchased for the upper field, and then it would still work on our private network domain name which cannot be FQDN via the LDAP base field ? Thanks, I have been battling this weeks