[Samba] Active Directory clients in DMZ
Rowland Penny
rowlandpenny241155 at gmail.com
Sat Aug 29 18:27:37 UTC 2015
On 29/08/15 19:09, Marc Muehlfeld wrote:
> Hello,
>
> Am 28.08.2015 um 21:03 schrieb shacky:
>> I read the document at
>> https://wiki.samba.org/index.php/OpenLDAP_as_proxy_to_AD#Authentication_against_AD_through_openLDAP_proxy
>> and it tells about an OpenLDAP proxy to authenticate some external
>> services through it, but I need to join some Windows clients so I
>> think I cannot use it, can I?
>>
>> So could you advise me what a best practice could be?
> If you have to join DMZ machines, the openLDAP proxy won't work, because
> it would just provide access to underlaying LDAP. However it is not able
> to understand setting e. g. AD permissions or other things the classic
> LDAP don't have.
>
>
> Regards,
> Marc
>
>
Microsoft has a doc for this, but being microsoft they don't call it a
DMZ, it's a 'perimeter network'
see: http://www.microsoft.com/en-us/download/details.aspx?id=3957#tm
Rowland
More information about the samba
mailing list