Can I ask why you're choosing to put your servers into the DMZ? Other than ISA (maybe - and I'm not convinced even that one), none of the other servers needs to be publicly exposed.
------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Oluwaseyi Owoeye [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 24, 2003 6:23 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Using Active Directory between a firewall > > > Yes I can see the AD Server from within the DMZ and pinging > the server gives me no problem at all > > -----Original Message----- > From: Jochen Andries [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 24, 2003 10:45 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Using Active Directory between a firewall > > Do you see the AD-server from the server in the DMZ-zone ? > (Ping-request, ...) > > -----Original Message----- > From: Oluwaseyi Owoeye [mailto:[EMAIL PROTECTED]] > Sent: vrijdag 24 januari 2003 10:33 > To: [EMAIL PROTECTED] > Subject: [ActiveDir] Using Active Directory between a firewall > > Hi guys, > > I have a little problem over here. I have an implementation > of active directory where the servers sit on a subnet and all > the client workstations sit in another subnet. > > For security reasons I want to move the servers into DMZ > zone. I found out that when I move the servers into the DMZ > zone they are not able to communicate with active directory. > This is because the domain controller is within the proper > network, but the servers that needs to be moved into the DMZ > are servers like the exchange and ISA servers and these > servers need to communicate with active directory to function > properly. > > What ports do I need to open on the firewall in other for the > machines in the DMZ to talk to active directory effectively. > > Thanks > > VIRUS SCANNED! > Marina One > > > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
