Quantcast
Channel: File Services and Storage Forum
Viewing all articles
Browse latest Browse all 1766

Accessing DFS namespace from a different domain and from behind a firewall

$
0
0

I have a situation where we're trying to set up a couple of DFS namespaces that will be accessed by servers within the hosting domain and also from servers in a DMZ and a different domain. Access from systems within the hosting domain works fine. The issue is with systems in a DMZ and separate domain. There is a one way trust where the DMZ domain trusts the internal domain and the DMZ servers talk to a group of RODC's for authentication. They are blocked from talking to other DC's for the internal domain. The DFS namespace is hosted on a member server that has the ports opened that are listed here .

Our network security team sees the DMZ servers trying to talk on ports 139 and 445 to internal domain controllers, which they won't be able to do. I'm assuming the DMZ servers should be able to resolve the DFS namespace from the RODC's and then talk to the namespace server, and they should never need to talk to an internal DC. 

Can anyone help me figure out why this is happening?

Thanks,
Rich




Viewing all articles
Browse latest Browse all 1766

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>