I've set up a DC / AC in my home network. I also own a domain. So I want to connect the local DC / AC to my domain, to log in from everywhere to my network. I tried anything, but still no login servers available when I try to connect from outside. Sorry for my bad English.
1 Answer
The best you can do is to create a subdomain like ad.example.com, and then point the record to the external IP of your DC. You then need to create a domain named ad.example.com on your domain controller.
AD uses DNS for many things, like finding login servers. So you need to point the subdomain to your domain controller. However, clients also need to use the domain controller as the DNS server within ad.example.com. To do this, you have to configure the DNS of example.com so that it forwards queries for ad.example.com to your DC.
Finally, you have to open all ports AD uses to the internet. That is DNS, Kerberos, and a handful of others.
This is insecure and AD is not made for this. See this excellent question: Should I expose my Active Directory to the public Internet for remote users?
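A check for the DNS delegation the answer describes, as an added example that is not part of the original answer: it parses a parent-zone file for example.com and reports whether ad.example.com is actually delegated to the DC (an NS record plus glue) rather than only pointed at it with an A record, which leaves the locator SRV lookups unanswered. The zone text, host names and addresses are constructed sample data, and the parser assumes simple `name ttl IN type rdata` lines.

```python
# Added example. Zone text, host names and addresses below are constructed
# sample data (documentation ranges), not values from the original post.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@       3600 IN NS ns1.provider.example.
ad      3600 IN NS dc1.ad.example.com.   ; delegation to the DC
dc1.ad  3600 IN A  203.0.113.10          ; glue: external IP of the DC
"""

# SRV owner names a domain controller registers so clients can find it.
LOCATOR_PREFIXES = ("_ldap._tcp.dc._msdcs", "_kerberos._tcp.dc._msdcs",
                    "_ldap._tcp", "_kerberos._tcp")

def fqdn(name, origin):
    """Expand a zone-file name relative to $ORIGIN."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text):
    """Parse 'name ttl IN type rdata' lines into (owner, type, rdata) tuples."""
    origin, records = ".", []
    for raw in text.splitlines():
        parts = raw.split(";", 1)[0].split()   # drop comments, tokenize
        if not parts:
            continue
        if parts[0].upper() == "$ORIGIN":
            origin = parts[1]
            continue
        name, rtype, rdata = parts[0], parts[3].upper(), parts[4]
        if rtype == "NS":
            rdata = fqdn(rdata, origin)
        records.append((fqdn(name, origin), rtype, rdata))
    return records

def check_delegation(records, child):
    """Return a list of problems with the parent zone's delegation of `child`."""
    child = child.lower()
    targets = [r for n, t, r in records if n == child and t == "NS"]
    if not targets:
        return [f"no NS record delegating {child}"]
    problems = []
    for target in targets:
        glued = any(n == target and t in ("A", "AAAA") for n, t, _ in records)
        if target.endswith("." + child) and not glued:
            problems.append(f"{target} needs a glue A/AAAA record")
    return problems

def locator_names(child):
    """SRV names that must resolve (via the delegation) for logon to work."""
    return [f"{p}.{child.lower()}" for p in LOCATOR_PREFIXES]
```
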