I have a design question regarding Active Directory and I have not had much luck with Google searches.
My organization currently has all domain controllers on our company-wide network. The environment is Windows Server 2008 R2.
We have a single, isolated network (the facilities network) that contains all of our facilities-type door-access servers and equipment. This facilities network does have a DMZ that talks to the general network, with a typical ASA firewall in between.
A new door-access application we want to implement is AD-integrated. We can integrate with AD, and employees who maintain the application can log in with AD credentials. The problem is setting up a subdomain on the isolated network and finding a way for it to replicate with the domain controllers on the general network.
Has anyone had any experience with a configuration like this? Perhaps a dual-NIC domain controller with encrypted communication through the DMZ?
If anyone can assist and/or point me to a good document resource, let me know.
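As an added example (not part of the original question or any reply), the following PowerShell shows the piece a practitioner usually needs for a domain controller behind a firewall such as the ASA described above: pinning the replication-related RPC endpoints on a Windows Server 2008 R2 DC to static ports, so the firewall can be restricted to a fixed port list instead of the whole dynamic RPC range (49152-65535 on 2008 and later). The port numbers 50000-50002 are arbitrary choices for illustration; the registry values and the `dfsrdiag` option are the documented ones. Run it in an elevated session on the DC that will sit on the facilities network.

```powershell
# Added example: pin AD replication RPC endpoints to static ports on a 2008 R2 DC.
# Ports 50000-50002 are assumed/illustrative; choose any free high ports and use
# the same numbers on every DC that must replicate across the firewall.
# Requires an elevated session; the services (or the DC) must restart to take effect.

$ntdsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
$netlogonKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'

# Directory replication (DRS over RPC) - value name "TCP/IP Port" (KB 224196).
Set-ItemProperty -Path $ntdsKey -Name 'TCP/IP Port' -Value 50000 -Type DWord

# Netlogon RPC (secure channel, trust operations) - value name "DCTcpipPort".
Set-ItemProperty -Path $netlogonKey -Name 'DCTcpipPort' -Value 50001 -Type DWord

# DFS Replication of SYSVOL (requires the DFS Management tools to be installed).
# Skip this line if the domain still replicates SYSVOL with FRS.
dfsrdiag StaticRPC /port:50002 /Member:$env:COMPUTERNAME

# With the three static ports above, the ASA rule set between the two DCs only
# needs the well-known AD ports plus 50000-50002/TCP:
#   135/TCP (RPC endpoint mapper), 389/TCP+UDP and 636/TCP (LDAP/LDAPS),
#   3268/TCP (Global Catalog), 88/TCP+UDP (Kerberos), 464/TCP+UDP (kpasswd),
#   53/TCP+UDP (DNS), 445/TCP (SMB for SYSVOL and GPOs), 123/UDP (W32Time).

# After the restart, confirm replication and that NTDS registered on the pinned port.
repadmin /showrepl
netstat -ano | Select-String ':50000 '
```

Two caveats a practitioner would want alongside this. First, DC-to-DC replication RPC is already authenticated and encrypted at the RPC layer (packet privacy), so an IPsec tunnel through the DMZ adds defence in depth rather than being the only thing protecting the traffic. Second, Microsoft advises against multihomed (dual-NIC) domain controllers because Netlogon and DNS register every interface's address and clients on one network end up resolving the DC to an address they cannot reach; a single-NIC DC on the facilities network with the ports above opened on the ASA avoids that class of problem.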