Just check that the ports between networks are flowing.
https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts
--please don't forget to Accept as answer if the reply is helpful--
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Dear Team,
I have one primary domain controller and one secondary domain controller. My manager wants my secondary domain controller to place in DMZ . What will be the difficulties i will face when i move the secondary domain controller to the dmz. Because we want our VPN Users to communicate that secondary domain controller only.
Thank you
Best Regards
Shihas Shamsudheen
Just check that the ports between networks are flowing.
https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts
--please don't forget to Accept as answer if the reply is helpful--
Hi,
Welcome to share here!
If you want to Extended corporate forest into the perimeter network, it is suggested to put the RODC in the DMZ because of the security and manageability benefits .
However, if your current integrated application writes information to the directory, you might be blocked from using the new RODC role in the perimeter network. RODCs might also have application compatibility issues that require more planning and changes to your perimeter.
Planning Deployment of AD DS in the Perimeter Network
More details about Deploying RODCs in the Perimeter Network
If you decide to use a RODC in the DMZ, a new server is needed. (Or demote the second one and promote it to a RODC in DMZ)
Hope the information will be helpful.
Welcome to share here if you have any updates.
Best Regards,
Any progress or updates?
--please don't forget to Accept as answer
if the reply is helpful--