I may have set this up totaly wrong...
I just moved my SLOX server into a DMZ. Previously the SLOX machine was on the internal network with a pirvate IP address, sending and receiving Internet mail through my firewall. It was also serving as the networks DNS and PDC (Samba & LDAP).
So, I've moved it out of the internal network into the DMZ. I configured a different server (SLES 9) on the internal network to serve as a file server using Samba, a domain controller using Samba and a name server. I also built a new LDAP directory for the internal network, while the mail server in the DMZ has its own LDAP directory.
Is this a good design? How can I synchronize the LDAP directories accross the DMZ into the internal network without security risks?