Is there a second NIC in the server hosting the web application? If so, can you use a direct connection (aka cross-over cable - though most NICs support MDI-X now, so you can just use a regular cable)? Set up a HOSTS file entry on the web application server so that it knows how to get to the DC.
Alternatively, get rid of the DC. Install ADAM/AD LDS (or some other LDAP server). Import a selection of your directory structure/objects into that. Then you won't have issues with replication, or exposing your Production AD on a test network.

Cheers
Ken

From: [email protected] [mailto:[email protected]] On Behalf Of noonie
Sent: Monday, 6 February 2012 5:11 PM
To: ozDotNet
Subject: Re: [ot] Port Forwarding LDAP

Meski,

Similar, but not the same, so I can get away with it ;-)

A few years ago we had a senior DBA who set up a two pc virtual network with domain controllers and sql server vms, to try out some new stuff in sql server. I warned him not to let the network escape and he agreed. About a week later our network security folks were asking pointed questions about why this unknown machine was handing out ip addresses in another state.

He was using bridged virtual adapters...

--
noonie

On 6 February 2012 17:12, mike smith <[email protected]> wrote:

On Mon, Feb 6, 2012 at 5:07 PM, noonie <[email protected]> wrote:
> David,
>
> Bridging is prohibited. If I could get the hardware I'd stick it behind a
> real router :-(
>

Isn't port forwarding a similar thing? If you explained it to whoever's prohibiting bridging, they'd probably prohibit fwding too.

--
Meski

http://courteous.ly/aAOZcv

"Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough" - Adam Hills
