On 6 February 2012 20:26, Ken Schaefer <k...@adopenstatic.com> wrote:
Is there a second NIC in the server hosting the web application? If so, can > you use a direct connection (aka cross-over cable – though most NICs > support MDI-X now, so you can just use a regular cable)? Set up a HOSTS > file entry on the web application server so that it knows how to get to the > DC. > No second NIC and more than one dev will need access at a time. If I can get it to work then I can replicate it for the testers too. > **** > > ** ** > > Alternatively, get rid of the DC. Install ADAM/AD LDS (or some other LDAP > server). Import a selection of your directory structure/objects into that. > Then you won’t have issues with replication, or exposing your Production AD > on a test network.**** > > ** > I tried ADAM but it doesn't seem to understand security groups, which are needed, and also had a look at Microsoft's AD-like ADAM schema but it too has limitations. -- Thanks, noonie ** > > Cheers**** > > Ken**** > > ** ** > > *From:* ozdotnet-boun...@ozdotnet.com [mailto: > ozdotnet-boun...@ozdotnet.com] *On Behalf Of *noonie > *Sent:* Monday, 6 February 2012 5:11 PM > *To:* ozDotNet > *Subject:* Re: [ot] Port Forwarding LDAP**** > > ** ** > > Meski,**** > > ** ** > > Similar, but not the same, so I can get away with it ;-)**** > > ** ** > > A few years ago we had a senior DBA who set up a two pc virtual network > with domain controllers and sql server vms, to try out some new stuff in > sql server. I warned him not to let the network escape and he agreed. **** > > ** ** > > About a week later our network security folks were asking pointed > questions about why this unknown machine was handing out ip addresses in > another state.**** > > ** ** > > He was using bridged virtual adapters...**** > > ** ** > > -- **** > > noonie**** > > **** > > On 6 February 2012 17:12, mike smith <meski...@gmail.com> wrote:**** > > On Mon, Feb 6, 2012 at 5:07 PM, noonie <neale.n...@gmail.com> wrote: > > David, > > > > Bridging is prohibited. If I could get the hardware I'd stick it behind a > > real router :-( > >**** > > Isn't port forwarding a similar thing? If you explained it to > whoever's prohibiting bridging, they'd probably prohibit fwding too. > > > > -- > Meski > > http://courteous.ly/aAOZcv > > "Going to Starbucks for coffee is like going to prison for sex. Sure, > you'll get it, but it's going to be rough" - Adam Hills**** > > ** ** >