I have 3 network zones.
1. internal trusted network - This contains a RWDC (domain.com)
2. DMZ containing a RODC in domain.com
3. DMZ containing a domain member server of domain.com
During installation, all ports were open between the zones to allow for domain replication, etc.
However, it has now been locked down and I'm unable to RDP to Zone 3 with the member server.
I get the error message:
An authentication error has occurred.
The Local Security Authority cannot be connected
The firewalls all look to be correct as far as http://technet.microsoft.com/en-us/library/dd728028(v=ws.10).aspx goes.
Zone 1 and Zone 2 seem fine communicating with each other.
The DNS settings of the RODC are those of the RWDC.
Zone 3 can only communicate with Zone 2.
The member server has DNS settings of the RODC.
Is this possible?
Can the domain member use the RODC for login? Or does it absolutely require DNS to the RWDC as well? Isn't it kind of pointless to have the RODC if that's the case?