Server credentials for AD when in DMZ

Posted on 2013-01-16
Medium Priority
Last Modified: 2013-02-03
I have a server that connects to a domain. The server is being moved to the DMZ for security. I am wondering what happens my logon information. I can logon to the server after its moved to the dmz using the AD username and password due to the credentials being cached on the box but what happens as far as password expiry. Will the password expiry kick in or will it always remain with the same username and password. I am wondering what other people do in this scenario. Is it all local logons and removal from the domain? Thanks
Question by:Sid_F
  • 3
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 38782107
Try to remove domain credentials needs using local accounts.
In case this not be possible consider one of this options:

- Placing a RO domain controller to validate users on DMZ
- Using ISA server to reverse proxy and validate users
- Permit only to this machine on DMZ communicate to your DC´s
- Set-up exclusive domain to this computer.

Author Comment

ID: 38782995
The options are not probably not an option for me. I am really querying around the cached credentials and will they expire

Accepted Solution

Sid_F earned 0 total points
ID: 38783033
From this MVP it seems cached credentials never expire. http://www.networksteve.com/forum/topic.php?TopicId=20926

Author Closing Comment

ID: 38848315

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question