What's the most secure way to connect to Active Directory from a DMZ?


There is a Microsoft document that talks about this:

Active Directory Domain Services in the Perimeter Network (Windows Server 2008)

You can also take inspiration from Microsoft's considerations on installing an Exchange front-end computer in a DMZ:

Front-End and Back-End Server Topology Guide for Exchange Server 2003 and Exchange 2000 Server

Author by

Bestter

I'm a web developer with almost 20 years of professional experience, fluent in C#, JavaScript, HTML and CSS. I also have experience in administration of SQL Server.

Updated on June 07, 2022

Comments

  • Bestter about 2 years

    I have a web DMZ server that hosts an "Extranet" ASP.NET application. I want users to authenticate to this application using the same user and password that they use on Windows at work. (We are using Active Directory.)

    I want to know what the best way is, the most secure way, to connect from the DMZ web server to Active Directory.

    For now I saw two possibilities:
    - RODC
    - LDAP Over SSL (LDAPS)

    Are there any other options you recommend? What other options should I consider? Any limitations or potential problems with any of those solutions?