Solved

Adding DMZ Linux systems to the Windows 2008 Active Directory Domain

Posted on 2014-11-20
Last Modified: 2015-01-14
Hello Experts,

I have a couple of Linux systems in the DMZ network, and I have an AD domain at the Server 2008 functional level. What I want to achieve is to add the Linux systems to the AD domain to authenticate with AD (without removing the Linux systems from the DMZ).

Please help.
Question by:Vikas Shah
3 Comments
 
LVL 3

Assisted Solution

by:Barry Molenwijk
Barry Molenwijk earned 166 total points
ID: 40454501
Seems to me like you can solve this by opening the right ports on your firewall(s) and configuring a route (on your network) from your DMZ to your Domain Controller(s) for traffic on those ports.

Here's the list of ports used to communicate with Domain Controllers:
http://support.microsoft.com/kb/179442

Unfortunately I'm not a Linux guru, nor do I know which type and version of distro you use so I can't give you any instructions how to specifically add those to your domain.
0
 
LVL 21

Assisted Solution

by:Mazdajai
Mazdajai earned 167 total points
ID: 40454854
Can you clarify exactly what you need help with and what distro you are using? Take a look at this reference and it will get you started.
0
 
LVL 7

Accepted Solution

by:Phil Davidson
Phil Davidson earned 167 total points
ID: 40459024
You can leave the Linux server in the DMZ.  You need to configure winbind and PAM.  This document may help you:

https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto

You may also need to configure NSS, kinit, and Kerberos.  If you leave it in the DMZ and it is supporting a website, you should have an IDS installed.  You may want to harden the Linux server too (implement iptables, disable services you don't need, have strict password policies, review logs in /var/log/, turn on SELinux, ideally disable any GUI desktop, etc.).
0
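
As an added example (not written by any poster in this thread), the script below combines the firewall-port advice in the first answer with the iptables hardening in the accepted one: it prints host-side rules that let the DMZ server reach its domain controllers only on AD client ports and log anything else aimed at them. The chain name `AD_OUT`, the DC addresses and the port list are assumptions; the list omits the dynamic RPC range, so check it against the Microsoft KB article before applying anything.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not apply) iptables rules
# that limit a DMZ host's traffic toward its domain controllers to AD client
# ports. The port list is an assumption; check it against the Microsoft KB.
# proto:port = DNS, Kerberos, NTP, RPC mapper, LDAP, SMB, kpasswd, Global Catalog
AD_PORTS="tcp:53 udp:53 tcp:88 udp:88 udp:123 tcp:135 tcp:389 udp:389 tcp:445 tcp:464 udp:464 tcp:3268"

valid_ipv4() {
    # Dotted quad, digits and dots only, every octet in 0-255.
    case $1 in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

gen_ad_egress_rules() {
    # Usage: gen_ad_egress_rules DC_IP [DC_IP...]
    [ "$#" -ge 1 ] || { echo "usage: gen_ad_egress_rules DC_IP..." >&2; return 2; }
    for dc in "$@"; do
        valid_ipv4 "$dc" || { echo "invalid DC address: $dc" >&2; return 2; }
    done
    echo "iptables -N AD_OUT"
    # Packets of already tracked connections leave this chain untouched.
    echo "iptables -A AD_OUT -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN"
    for dc in "$@"; do
        for pair in $AD_PORTS; do
            echo "iptables -A AD_OUT -d $dc -p ${pair%%:*} --dport ${pair##*:} -j ACCEPT"
        done
        # Anything else aimed at a DC is logged, then dropped.
        echo "iptables -A AD_OUT -d $dc -j LOG --log-prefix 'AD_OUT_DENY '"
        echo "iptables -A AD_OUT -d $dc -j DROP"
    done
    echo "iptables -A OUTPUT -j AD_OUT"
}

# Constructed DC addresses from the RFC 5737 documentation range.
gen_ad_egress_rules 192.0.2.10 192.0.2.11
```

Review the printed rules and run them by hand; traffic to destinations other than the listed DCs is not affected by this chain.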
