Yashy

How to access domain controller, from outside (i.e. from the internet, outside of the WAN)?

Hi guys

We're trying to configure a cloud-based application to synchronise itself with our LDAP server which is on the LAN IP 10.0.0.2. We've opened up the firewall ports also.

However, there's a section on this cloud application where you have to fill in the LDAP host name. It definitely doesn't work when I put just the external IP in there. My question is, what do I put in there? How would it know how to look for our domain controller from the internet?

I've attached a screenshot.

Thanks
Yashy

sysreq2000

For starters you would need to forward port 389 to your server. Or is that what you meant by "opened up firewall ports"? What type of router do you have?

motnahp00

Interesting you brought this up.

I found this URL not too long ago:

http://technet.microsoft.com/en-us/library/bb727063.aspx

I hope it helps you.

Yashy (ASKER)

Yes, I have opened up our firewall. It's a Sonicwall NSA 3500. It's port forwarding port 389 to our server.

I just don't know what to put into the LDAP server section. It doesn't work with 10.0.0.2 in there, as it probably has no clue where 10.0.0.2 is. So should I be putting our external facing public IP in there?

thanks

sysreq2000

Yes, put your outside-facing IP there; then your router will redirect that to 10.0.0.2.

Suliman Abu Kharroub

It's better to set up a VPN server in your firewall (SonicWall) and connect by VPN from the client.

More secure and best practice.

Note: LDAP needs a lot of ports to be opened, not only 389.

Yashy (ASKER)

How would I connect with VPN?

It's a cloud-based service, so it would mean they would have to set up a VPN to our site, right?

Also, I thought LDAP was only port 389. That's what the provider has asked me to open up, strangely enough.

sysreq2000

Does that mean it didn't work? If not, remember to open the firewall ports on Windows server if that's not what you meant in your original post. Also try doing an LDAP query against your server from within your network, to make sure everything is OK there.

Yashy (ASKER)

No, it didn't work when we put in the public facing IP address followed by port 389. We've opened the firewall and have done the NAT policy. Still though, they can't telnet to that port 389.

However, I can telnet to that server from internally. I get a feeling it could be firewall related on our NSA 3500?

Some firewalls have a filtering mechanism to filter traffic; it could be the problem.

You need to disable LDAP filters on the firewall.
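
Added example, not part of the thread: a Python version of the checks discussed above (telnet to port 389 from outside, an LDAP query from inside). It separates a refused port from a silently dropped one and confirms that whatever answers actually speaks LDAP by sending an anonymous rootDSE search. The function names, and the assumption that the server answers that search without a bind, belong to this example.

```python
import socket
import sys

# Anonymous rootDSE search: base "", scope base, filter (objectClass=*), BER-encoded.
ROOTDSE_SEARCH = bytes.fromhex(
    "30250201016320"              # LDAPMessage, messageID 1, SearchRequest
    "04000a01000a0100"            # base "", scope baseObject, never deref aliases
    "020100020100010100"          # no size limit, no time limit, typesOnly false
    "870b6f626a656374436c617373"  # filter: objectClass is present
    "3000"                        # empty attribute list (server default)
)


def is_ldap_reply(data):
    """True if data begins an LDAPMessage holding a search entry or search done."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    # Skip the BER length: one byte in short form, 1 + n bytes in long form.
    start = 2 + (data[1] & 0x7F if data[1] & 0x80 else 0)
    body = data[start:]
    # messageID 1 (02 01 01) echoes our request; 0x64/0x65 are the search replies.
    return body[:3] == b"\x02\x01\x01" and body[3:4] in (b"\x64", b"\x65")


def probe_ldap(host, port=389, timeout=5.0):
    """Return 'ldap', 'open-not-ldap', 'refused' or 'unreachable' for host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"      # host answered, but nothing listens on the port
    except OSError:
        return "unreachable"  # timeout or no route: dropped, or no NAT rule matched
    with sock:
        try:
            sock.sendall(ROOTDSE_SEARCH)
            reply = sock.recv(4096)
        except OSError:
            reply = b""       # connection accepted, then reset or left silent
    return "ldap" if is_ldap_reply(reply) else "open-not-ldap"


if __name__ == "__main__":
    # Usage: python probe_ldap.py <host> [port]
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 389
    print(target, target_port, probe_ldap(target, target_port))
```

Run it once from inside the LAN against 10.0.0.2 and once from an outside host against the public IP. A result of `ldap` inside and `unreachable` outside points at the NAT or firewall policy rather than the domain controller, while `open-not-ldap` outside suggests something in the path is accepting the connection but not passing LDAP through.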