Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

RODC Active Directory

Posted on 2014-03-24
4
Medium Priority
?
186 Views
Last Modified: 2014-04-15
Hi,


I was wondering if it was possible to create a RODC that doesn't participate in any authentication for users within my network. I need this RODC purely for ldap authentication for an external service and I don't want my internal clients to query it for logins or anything else.

Is this possible?
0
Comment
Question by:dcirona86
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 15

Expert Comment

by:Jaroslav Mraz
ID: 39952478
Hi,

One think you can do is block unwanted services ports on firewall

http://technet.microsoft.com/en-us/library/dd772723(ws.10).aspx
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 1500 total points
ID: 39952728
also create a different site and move the RODC to that site, so that only that subnet user can authenticate. That would be your external services subnet/range.
0
 

Author Comment

by:dcirona86
ID: 39957997
So if I already have a Default-First-Site-Name and then create an additional site with the specific subnet, the clients on my LAN should only authenticate to the DCs in the 'Default-First-Site-Name '?
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39958264
Hi,

create new subnet x.x.x.x and put the same range ip on RODC. so they will authenticate will RODC.

you default site user will authenticate with default site DC as that has your client range IP.
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question