search for: solutionbase

Dear all, setting up a DMZ environment I was thinking to use an RODC there for user authentication. One of the application in the DMZ needs to access the directory via LDAP. When I tried to connect to the RODC using LDAP with simple bind, I always received the following error ldap_bind: Invalid credentials (49)         additional info: 80090308: LdapErr: DSID-0C0903A9, comment:

...> Did I miss anything that prevents my scenario to work by design? > Thanks a lot for your help! > > Best regards > Johannes > > I wouldn't do this, the DC (RODC or otherwise) would have to be a global catalogue. Try reading this: https://www.techrepublic.com/article/solutionbase-deploying-domain-controllers-in-a-dmz/ In short, you need to setup a domain in the DMZ and then setup a trust between this domain and your other domain. Rowland