Setup offsite Domain Controller that wont replicate
I have a domain with two domain controllers, all is good and working. I have a service provider offsite who I need to replicate our AD to ie. I have to setup a third DC on their side as part of our domain. All will be good with firewall, trusts and link between us.
This service provider needs to populate the address field of the AD User accounts by way of user account object access via a service account provided by me. My question is how do I configure the DC / Domain that it replicates AD to the remote DC for our service provider but does not attempt any authentication of users on my side?
All input welcome. N
1 Comment
[ + ] Show comment
-
This looks good https://technet.microsoft.com/en-us/library/cc787370(WS.10).aspx also I can disable the netlogon service on the offsite DC - sonik777 9 years ago
Answers (1)
Please log in to answer
Posted by:
SMal.tmcc
9 years ago
Comments:
-
Thanks thats straight forward and direct but I have 700 clients. There's got to be a way to do this without relying on 'vintage' configuration files. I was thinking more from DNS perspective or the DC itself. - sonik777 9 years ago
-
you can set up acl's to block the clients subnets from being able to communicate with that server. Only allow the ip(s) of the other DC(s) to talk to this server. - SMal.tmcc 9 years ago
