Re: AD Through Firewall & Trusts
- From: "Tim Chin" <donotemail>
- Date: Wed, 6 Jun 2007 10:58:46 -0500
Thanks for the reply Jorge. I'm still kind of confused though. IPsec or
not, if the new DC will be a part of an existing domain with trusts to other
domains, does the new DC need to be able to communicate with the other
domain's domain controllers (the new DC will be configured to communicate
with the other DCs in the domain that the new DC is a part of).
In other words, if I join a Windows XP computer to the same firewalled
subnet as the new DC, can I login to the Windows XP computer with
credentials from a trusted domain? Or will I need to enable communication
from the new DC to the trusted domains on the other side of the firewall in
addition to the DCs in the domain that the new DC is a part of.
My goal is to limit the number of rules to be added to the firewall for
security and simplicity of administration. However, I'm willing to create
whatever I need for this to work. And I'm not in a position to test this
setup, yet, thus my asking in this newsgroup.
Any help is appreciated.
Tim
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:%23X26%2308pHHA.3948@xxxxxxxxxxxxxxxxxxxxxxx
Hi
You can enforce IPSec for communications only between these 2 DCs.
http://support.microsoft.com/kb/254949
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
.
- Follow-Ups:
- Re: AD Through Firewall & Trusts
- From: Jorge Silva
- Re: AD Through Firewall & Trusts
- References:
- AD Through Firewall & Trusts
- From: Tim Chin
- Re: AD Through Firewall & Trusts
- From: Jorge Silva
- AD Through Firewall & Trusts
- Prev by Date: Group Policy issue - restricted groups
- Next by Date: Re: Group Policy issue - restricted groups
- Previous by thread: Re: AD Through Firewall & Trusts
- Next by thread: Re: AD Through Firewall & Trusts
- Index(es):
Relevant Pages
|
