AD in the Perimeter Network
Posted by BPuhl on April 27, 2009
A new whitepaper has been published providing the guidance you need to deploy Active Directory, and specifically RODCs, in a “Perimeter Network” (the network segment formerly known as DMZ).
I know that a lot of folks have come to me asking for help/guidance on putting RODCs into the DMZ rather than putting full DCs or having a separate forest. This should provide the information you need to keep safe, secure, and most of all…functional.
Some of the topics include:
• Security considerations and configurations for RODCs in the DMZ
• Network configurations for RODCs
• Application compatibility with RODCs in the DMZ
• Step-by-step instructions and a sample script to help perform domain join using RODCs
http://technet.microsoft.com/en-us/library/dd728034.aspx
Brandon pointed out to me that the doc is nice, but having a downloadable version would be much nicer. We fired off a quick mail, and there will be a downloadable version of the document in the download center in the near future.