DMZ to LAN Aiuthentication in AD

[JS]

Hello All:

Can anyone tell me what ports need to be open from DMZ to DC's on the lan
for authentication?

Thanks

 

[Enkidu]

Hello All:

Can anyone tell me what ports need to be open from DMZ to DC's on the
lan for authentication?

What are you trying to achieve? You would only need to authenticate
against AD if you are using AD controlled resources. For that you would
need to open multiple holes in your firewall, which is not a good idea.

Cheers,

Cliff

 

[Jorge Silva]

Hi

Check:
Service overview and network port requirements for the Windows Server system

http://support.microsoft.com/default.aspx?scid=kb;en-us;832017


--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

 

[DJ]

My thoughts exactly, unfortunately, we have a web server that requires alot
of bakend connecivity to resources controlled by AD.

 

[Enkidu]

Mmm, maybe I'm not getting it. Are you talking about shares? IN which
case you'd need to open a lot more than AD authentication. If you are
accessing say database servers, authentication is usually over a single
port.

Cheers,

Cliff