We are using it in our AD, between 5 dc's across 2
sites. So far, no problems if we confine ourselves to DC to DC
traffic. That is relatively easy, just configure the proper IPSec Policies
and push them out via GPO to the Domain Controllers OU.
We have not had any real success with built-in windows
IPSec / kerberized IPSec between a client workstation and the domain
controller. Seems to mostly be a chicken & egg
thing.
Hope that helps.
/aaron
This email is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this email message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is prohibited. If you have received this email in error, please notify the sender and destroy/delete all copies of the transmittal. Thank you.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernier, Brandon (.)
Sent: Wednesday, February 01, 2006 07:31
To: [email protected]
Subject: [ActiveDir] Using IPSec on Domain Controllers?
Is anyone using IPSec for DC to DC communication in a moderately large environment? I'm curious to see what kind of support issues people are running into... Thanks!
-Brandon
