Solved

Server credentials for AD when in DMZ

Posted on 2013-01-16
Last Modified: 2013-02-03
I have a server that connects to a domain. The server is being moved to the DMZ for security. I am wondering what happens to my logon information. I can log on to the server after it's moved to the DMZ using the AD username and password due to the credentials being cached on the box, but what happens as far as password expiry? Will the password expiry kick in, or will it always remain with the same username and password? I am wondering what other people do in this scenario. Is it all local logons and removal from the domain? Thanks
Question by:Sid_F
4 Comments
 
LVL 19

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 38782107
Try to remove the need for domain credentials by using local accounts.
In case this is not possible, consider one of these options:

- Placing an RO domain controller to validate users on the DMZ
- Using ISA Server as a reverse proxy to validate users
- Permitting only this machine on the DMZ to communicate with your DCs
- Setting up an exclusive domain for this computer.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 38782995
The options are probably not an option for me. I am really querying around the cached credentials and whether they will expire.
0
 
LVL 6

Accepted Solution

by:
Sid_F earned 0 total points
ID: 38783033
From this MVP it seems cached credentials never expire. http://www.networksteve.com/forum/topic.php?TopicId=20926
0
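
An added example, not part of the original thread: a PowerShell audit of the cached-logon setting that the accepted answer turns on, for a domain-joined server that can no longer reach a domain controller. It assumes Windows PowerShell 3.0 or later in an elevated session; the function names are illustrative, and the fallback of 10 when the value is absent is an assumption based on the documented default for most Windows versions.

```powershell
# Added example: audit the cached domain logon setting on a domain-joined server.
# Function names are illustrative and not from the thread.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-CachedLogonPosture {
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    # CachedLogonsCount is stored as a string (REG_SZ).
    # Assumption: if the value is absent, treat it as 10 (default on most versions).
    $prop = Get-ItemProperty -Path $WinlogonKey -Name CachedLogonsCount -ErrorAction SilentlyContinue
    $count = if ($prop) { [int]$prop.CachedLogonsCount } else { 10 }

    [pscustomobject]@{
        ComputerName       = $cs.Name
        PartOfDomain       = $cs.PartOfDomain
        Domain             = $cs.Domain
        CachedLogonsCount  = $count
        # True means domain accounts that logged on before can still log on
        # with their cached verifier while no domain controller is reachable.
        CachedLogonAllowed = ($cs.PartOfDomain -and $count -gt 0)
    }
}

function Disable-CachedLogon {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param()
    # A count of 0 turns logon caching off, so domain accounts can log on
    # only while a domain controller can validate them.
    if ($PSCmdlet.ShouldProcess($WinlogonKey, 'Set CachedLogonsCount to 0')) {
        Set-ItemProperty -Path $WinlogonKey -Name CachedLogonsCount -Value '0' -Type String
    }
}

$posture = Get-CachedLogonPosture
$posture | Format-List
if ($posture.CachedLogonAllowed) {
    Write-Warning ("{0} caches up to {1} domain logons; these are checked locally, not against AD." -f
        $posture.ComputerName, $posture.CachedLogonsCount)
}
```

Confirm that a local administrator account works on the server before running `Disable-CachedLogon`, since domain logons will fail afterwards whenever no domain controller is reachable.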
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 38848315
resolved
0
