Active Directory replication over firewalls

Date Published: 03 JUN 2002

About the White Paper: Firewalls present two difficulties when deploying a distributed Active Directory, directory service architecture: Initially promoting a server to a domain controller. Replicating traffic between domain controllers. The Active Directory relies on remote procedure call (RPC) for replication between domain controllers. (Simple Mail Transfer Protocol (SMTP)can be used in certain situations?schema, configuration, and global catalog replication, but not domain naming context?limiting its usefulness.) Getting replication to function properly in environments where a directory forest is distributed among internal, demilitarized zone (DMZ), and external (that is, Internet-facing) networks can be challenging.

Author:

Riley, Steve

About the Author:

Steve Riley is a Senior Program Manager in Microsoft's Security Business and Technology Unit in Redmond, Washington. Steve specializes in network and host security, communication protocols, network design, and information security policies and process. His customers include various ISPs and ASPs around the United States, as well as traditional enterprise IT customers, for whom he has conducted security assessments and risk analyses, deployed technologies for prevention and detection, and designed highly available network architectures. Steve is a frequent and popular speaker at conferences worldwide, often appearing in Asia one week and Europe the next. When not evangelizing the benefits of Microsoft security technology, he spends time with customers to better understand the security pain they face and show how some of that pain can be eliminated.

Download: To obtain Active Directory replication over firewalls go to: http://www.microsoft.com/techn... (HTML)