Re: Is it possible to create a secure AD environment for widely dispersed PCs behind other institutions' firewalls?



Many thanks for this. At a simple level, we already use remote management
tools such as VNC to manage some of these workstations, however not all
(because of firewall restraints) can be managed in this way. Still, remotely
managing the desktop is only part of the problem. A central management point
is required that is able to be used to push out key changes to all desktops,
maybe such as would be available using Group Policy. In addition, some
management applications (such as software firewall policies) require AD
integration.



Chris

"Anthony [MVP]" <anthony@xxxxxxxxxxxx> wrote in message
news:OldbPLA3IHA.2424@xxxxxxxxxxxxxxxxxxxxxxx
Chris,
AD is only one way of creating a shared security context between machines.
It would not work in your case, as the firewalls will not allow AD
traffic. Something like Webex Remote Access would allow you to control all
the machines.
Anthony,
http://www.airdesk.co.uk



"Chris Swinney" <swin@xxxxxxxxxxxxx> wrote in message
news:eZg1rG92IHA.5060@xxxxxxxxxxxxxxxxxxxxxxx
Or is this even a practical deployment scenario for AD?


"Chris Swinney" <swin@xxxxxxxxxxxxx> wrote in message
news:%23c5Cz182IHA.4476@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

We maintain a wide network of PCs (Win 2000 and XP, approx 200-300
machines). Most of these are single use machines designed for use in a
Video Conference environment. The machines are effectively standalone
with public IPs, and they are deployed in various institutions, some
behind firewalls that we don't manage. Although we have a certain amount
of sway with the other network managers to allow traffic to and from
these machines, we obviously do not have full control over ALL the
traffic that can be passed to them.

I feel that if we can create a secure AD environment to centrally manage
these machines it would be beneficial. I'm not entirely sure what
ports/protocols need to be configured to allow AD traffic, and then if
this traffic can be secured across foreign firewalls.

Is there a way to create such an environment?

Many thanks for any insight or articles you may have.

Chris






