Web Server Setup

[Guest]

I need to setup a new W2K server on the DMZ with AD on it. I need some
information on how to do this.

 

[Steven L Umbach]

If you mean a domain controller, it is not recommended to put a domain
controller in the dmz if it is part of a domain behind the firewall. To
configure a domain controller you use the dcpromo command and configure the
server to point to itself as it's preferred dns server or to another domain
controller if it is not the first dc in the domain. DMZ computers and IIS
need to be hardened before putting in the domain, For IIS other than 6.0 it
is a must, in my opinion, to use the IIS Lockdown tool to secure IIS. The
links below give more info on securing servers. --- Steve

http://www.microsoft.com/technet/security/chklist/w2ksvrcl.mspx
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/tips/iis5chk.mspx
http://www.microsoft.com/technet/Security/default.mspx

 

[Richard G. Harper]

To second Steven's advice, you do NOT want an Active Directory domain
controller outside your firewall. If a hacker penetrates the security on
the server they own your domain. If you must access AD from outside the
firewall use a VPN to do so.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm