Solved

Joining a Windows 2000 domain from different subnet

Posted on 2006-06-12
6
712 Views
Last Modified: 2010-04-13
Hi, my company has got 2 different network subnets, call it zoneA and zoneB, and they are separated by a Cisco PIX 515E firewall.  There is a Win2k domain controller in zoneA.  My question is:

1) Is it possible that a user from zoneB to join the domain in zoneA?  How?

2) Do I have to open any ports on the firewall for the above purpose?


Thanks in advance.
0
Comment
Question by:hoggiee
6 Comments
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 50 total points
ID: 16891842
as long as your machines can ping each other via name then yes you can      no idea how to do it with a pix but connectivity is your biggest concern
0
 
LVL 35

Assisted Solution

by:Nirmal Sharma
Nirmal Sharma earned 50 total points
ID: 16892807
>>>1) Is it possible that a user from zoneB to join the domain in zoneA?  How?

If there's no issue with connectivity and gateways defined correctly then you can join machines to domain from different subnets also.

2) Do I have to open any ports on the firewall for the above purpose?

Many. Yes, you have to open many port for domain to member conversation. You need to open port 88 for keberos, 53 for DNS etc etc.

Make sure your clients point to correct DNS server.
0
 
LVL 9

Assisted Solution

by:dooleydog
dooleydog earned 50 total points
ID: 16894541
if you are using two segments, with separate IP subnets, it doesn't matter where the DC you want to connect is, as long as you can physically connect. If you are using slower links, you may want to have additional DCs for speed.

in short, separate segments has nothing to do with DCs and joining a domain.

Good Luck,
0
 
LVL 4

Assisted Solution

by:ansh_gupta
ansh_gupta earned 50 total points
ID: 16919094
Till the time we have connectivity for protocols like rpc, kerberos, smb, dns etc we don't need to worry about anything else. If the pix is able to forward the traffic then nothing has to be done. If in case its not happening, then look for rpc , kerberos, dns etc communication whether its blocked...
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Google always has something new and amazing up its sleeve, and the most current thing that they have been working on is another step in the evolution of Google Search, from machine learning to its brilliant successor, deep learning.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question