Location: List Archives

List Archives

This forum is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our list community.  See more info about this here.

List Archives

Forums >ActiveDir Mail List Archive >List Archives
Subject: RE: [ActiveDir] Results of blocking outbound traffic for DC in the DMZ
Prev Next
You are not authorized to post a reply.

AuthorMessages
ParzivalUser is Offline

Posts:38

09/24/2008 2:42 PM  
Use ISA server in DMZ..

________________________________________
From: ActiveDir-owner@mail.activedir.org [ActiveDir-owner@mail.activedir.org] On Behalf Of Ramon Linan [Ramon.Linan@gst.com]
Sent: Wednesday, September 24, 2008 7:05 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Results of blocking outbound traffic for DC in the DMZ

Thanks for the advice, how can I offer IMAP and Webmail to the users
them?

-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: Wednesday, September 24, 2008 9:59 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Results of blocking outbound traffic for DC in
the DMZ

If you want an RODC, deploy K8 and an RODC. Of course Exchange can't use
an
RODC.

I don't believe Exchange in a DMZ is not a recommended practice either.

As for blocking the DC from iniatiating replication. Replication in AD
is
pulled based.



--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm


-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ramon Linan
Sent: Wednesday, September 24, 2008 9:43 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Results of blocking outbound traffic for DC in the
DMZ

Hi,

I want to place an Exchange 2003 server in the DMZ, I don't want any
traffic
going from the DMZ to the internal network, or at least traffic that
originates in the DMZ.

Since Exchange 2003 does not support ADAM I was thinking on placing a DC
on
the DMZ but not letting this DC start the replication, the only traffic
allow will be the one that start from internal network to the DMZ, I am
basically trying to force a RODC.

Can anyone anticipate problems with this idea?

Thanks in advance

Ramon
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > RE: [ActiveDir] Results of blocking outbound traffic for DC in the DMZ



ActiveForums 3.7
AdventNet Banner
Friends

Friends

Namescape
Members

Members

MembershipMembership:
Latest New UserLatest:rwrabinowitz
New TodayNew Today:1
New YesterdayNew Yesterday:1
User CountOverall:4273
People OnlinePeople Online:
VisitorsVisitors:318
MembersMembers:0
TotalTotal:318
Online NowOnline Now:

Ads

Copyright 2008 ActiveDir.org
Terms Of Use