we are thinking of putting RODC IN DMZ so that AD accounts can be synched with our email gateway which is in cloud

is there any steps which we can take to secure the exposure of RODC as it will be in DMZ talking to gateway in cloud
Who is Participating?
yo_beeDirector of Information TechnologyCommented:
What is your Email Gateway?
You might be able to setup an LDAPS connection between the two and put strict 1 to 1 rule on your firewall.
I would be very hesitant to put any DC being exposed in the DMZ.
You also have an option to use ADLDS

Paul MacDonaldDirector, Information SystemsCommented:
How about a VPN to your cloud environment instead?
pramod1Author Commented:
u mean vpn connection from RODC server to cloud email gateway
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Paul MacDonaldDirector, Information SystemsCommented:
Yes, or from your local network to the e-mail gateway.
Do not deploy AD server in DMZ, it's highly not recommended.
Check the requirements for the email gateway and validate the best way to sync up the accounts. You probably will require locking down the firewall to allow communication to that specific IP and protocol.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.