AD site requirements when using a DMZ
Site design when using a DMZ
John Savill
April 2, 2017
1 Min Read
Q. If I place a special DC in a DMZ, should I create a separate AD site for the DMZ?
A. Many organizations deploy a separate DC in the DMZ which may also be a RODC to limit potential exposure for the organization. The next question becomes should the DMZ be a separate AD site. The answer is yes. The reasons sites are created include controlling replication and directing AD clients in that location to specific DCs. In a DMZ there are services that you want to use the DMZ DC and so placing the DC and those services in their own site will help direct them to the right DC.
About the Author
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
You May Also Like