November 16, 2012 at 6:11 am
Hi,
We have an issue regarding SQL Server AD authentication in our organisation.
The users are in a remote building and there is a firewall between them and the servers. Also, the server is in a child domain of the users' domain. 2 DCs are in the users' domain in the users' building. 3 DCs for the server's domain are in the server's building.
The SQL port is open on the firewall but users can't access the DB via their software (ArcGIS Desktop 10 - ArcCatalog).
If we look at the firewall logs, we see traffic blocked on UDP port 389 between the client and the 3 DCs of the server's domain. We don't want to open the LDAP port from users to the server's domain for security reasons. How come the client wants to contact the server's DCs? Is there a way to avoid this?
I tried to find documentation on the AD authentication process but didn't find anything relevant to our situation.
Any help appreciated,
Nico
November 16, 2012 at 6:59 am
Do you have an AD Global Catalog configured on the remote site?
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
November 16, 2012 at 7:10 am
Hi,
Yes, both DCs in the users' domain are GCs, and 2 of 3 in the server's domain.
Forgot to mention this is SQL Server 2008 Express; don't know if it changes anything regarding the issue... OS is Windows Server 2008 R2.
Nico