Hi Paul, thanks for responding, sorry i've been gone over the holidays.
Anyway, my question is related to what is the recommended practice for
handling access to dmz servers from internal clients. Basically, I have two
requests. One is to either create a public dmz active directory with a trust
to the internal domain or allow a domain controller from the inside to reside
in the public dmz. I am uncomfortable with both and have searched high and
low for information from others as to what would be the best way to allow our
users access to servers residing in the public dmz. Do you have any
suggestions or best practices. Thanks. ih
This does work though it is a bit labor intensive. You should also consider
securing/ signing all replication traffic if you are passing it into a DMZ.
It's the best security option then do a scheduled selective replication from
internal to external for accounts - perhaps even script it.
It's what i'd do - keep your internal and external completely separate,
though this may depend on what your requirements are - what do you exactly
what to do?
How were you planning on sharing the data anyway? TS, WebDAV, OWA?
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.