Enable servers in a dmz to reach AD.

Hello

We have several stand alone servers in our dmz today and a win2k3 based AD
in our internal network. We want to be able to reach AD from the servers in
our dmz so they can be member servers.

I've read this article
http://technet.microsoft.com/en-us/l.../bb727063.aspx but this is as far
as I can read only about replicating between domain controllers in both
internal and dmz networks.

For making member servers in a dmz communicate with a dc in the internal do
we need to open the same ports and resrict the port on all dc's?

Thank you.


Regards
Per-Torben Sørensen




Per-Torben Sørensen

http://www.microsoft.com/downloads/d...7-a9166368434e
jk

Bottom of page 9 is the scenario I'm after. This is for win2k however, can
we use the same ports in win2k3?

Regards
Per-Torben Sørensen

"Juergen Kluth" <(E-Mail Removed)> wrote in message
news:%23t4$$(E-Mail Removed)...
> http://www.microsoft.com/downloads/d...7-a9166368434e
> jk
>

all mentioned ports are "well known ports" (you may have a wiki or google or
rfc on it)
jk

It worked nicely in my lab when I also set the FRS on a static port
(appendix D)

Do I have to do that on all odmain controllers or just one?

Regards
Per-Torben Sørensen

"Juergen Kluth" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> all mentioned ports are "well known ports" (you may have a wiki or google
> or rfc on it)
> jk
>