Wednesday, August 22, 2018

Ports needed for RODC in DMZ?

I need to set up LDAP on a server in our DMZ.

Currently, my plan is to set up an RODC for the server to pull for LDAP, because my attempts to just open the necessary ports from my application server to my DCs aren't working, and I'm sure that's not the best method anyway.

If anyone has a cheat sheet for ports to open, I'd really appreciate it.

This is what I attempted from (client/application server) to (DCs):

UDP 389 & 88

TCP/UDP 135, 3268, 3269, 464, 53, 138, 445

I temporarily turned off the block between the LAN and my DMZ (I know, bad) to test adding to the domain, and it worked (before, I had issues where I could enter my creds but it errored out afterwards with "network path not found").

So I'm about to pull my hair out.
